
Google redirects


3 replies to this topic

#1 Gormil


  • Members
  • 3 posts

Posted 22 January 2012 - 10:45 PM

EDIT: Split from http://www.bleepingcomputer.com/forums/topic438825.html ~Budapest

I have the same problem. I got the "fake security 2012 virus", and after reinstalling Windows 7 I have many problems. My system is starting very slowly. After the reinstallation of Windows I had a bug: "memory line XYZ..." (can't remember), but I didn't use Internet Explorer. But after updating to the newest Windows version this bug is gone. I use A/V and already checked my system with "Malwarebytes Anti-Malware" and "TDSS rootkit removing tool". I hoped I could solve the problem with this topic, and I found the same rootkit: Rootkit.Boot.Pihar.b
But I still have this problem with Google (http://209.85.145.103/webhp?hl=en)

Anti-Malware found this:

Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.23.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Gormil :: GORMIL-PC [Administrator]

Schutz: Aktiviert

23.01.2012 04:12:20
mbam-log-2012-01-23 (04-12-20).txt

Art des Suchlaufs: Flash-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Registrierung | Dateisystem | P2P
Durchsuchte Objekte: 160062
Laufzeit: 19 Sekunde(n)

Infizierte Speicherprozesse: 5
C:\Windows\svchost.exe (Trojan.Agent) -> 4136 -> Löschen bei Neustart.
C:\Windows\svchost.exe (Trojan.Agent) -> 4152 -> Löschen bei Neustart.
C:\Windows\svchost.exe (Trojan.Agent) -> 4160 -> Löschen bei Neustart.
C:\Windows\svchost.exe (Trojan.Agent) -> 4244 -> Löschen bei Neustart.
C:\Windows\svchost.exe (Trojan.Agent) -> 4260 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Löschen bei Neustart.

(Ende)


and:

2012/01/23 04:08:15 +0100 GORMIL-PC Gormil MESSAGE Starting protection
2012/01/23 04:08:17 +0100 GORMIL-PC Gormil MESSAGE Protection started successfully
2012/01/23 04:08:20 +0100 GORMIL-PC Gormil MESSAGE Starting IP protection
2012/01/23 04:08:20 +0100 GORMIL-PC Gormil MESSAGE IP Protection started successfully
2012/01/23 04:08:28 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50532, Process: svchost.exe)
2012/01/23 04:08:28 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50533, Process: svchost.exe)
2012/01/23 04:09:32 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50550, Process: svchost.exe)
2012/01/23 04:09:32 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50551, Process: svchost.exe)
2012/01/23 04:09:32 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50552, Process: svchost.exe)
2012/01/23 04:09:32 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50553, Process: svchost.exe)
2012/01/23 04:10:29 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50566, Process: svchost.exe)
2012/01/23 04:10:29 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50567, Process: svchost.exe)
2012/01/23 04:11:33 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50569, Process: svchost.exe)
2012/01/23 04:11:33 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50570, Process: svchost.exe)
2012/01/23 04:12:30 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50575, Process: svchost.exe)
2012/01/23 04:12:30 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50576, Process: svchost.exe)
2012/01/23 04:13:27 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50580, Process: svchost.exe)
2012/01/23 04:13:27 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 50581, Process: svchost.exe)
2012/01/23 04:14:57 +0100 GORMIL-PC Gormil MESSAGE Starting protection
2012/01/23 04:15:01 +0100 GORMIL-PC Gormil MESSAGE Protection started successfully
2012/01/23 04:15:04 +0100 GORMIL-PC Gormil MESSAGE Starting IP protection
2012/01/23 04:15:04 +0100 GORMIL-PC Gormil MESSAGE IP Protection started successfully
2012/01/23 04:17:21 +0100 GORMIL-PC Gormil IP-BLOCK 141.136.16.151 (Type: outgoing, Port: 49335, Process: svchost.exe)
2012/01/23 04:17:45 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49336, Process: svchost.exe)
2012/01/23 04:17:45 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49337, Process: svchost.exe)
2012/01/23 04:18:41 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49387, Process: svchost.exe)
2012/01/23 04:18:41 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49388, Process: svchost.exe)
2012/01/23 04:19:22 +0100 GORMIL-PC Gormil IP-BLOCK 141.136.16.152 (Type: outgoing, Port: 49462, Process: svchost.exe)
2012/01/23 04:19:46 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49464, Process: svchost.exe)
2012/01/23 04:19:46 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49465, Process: svchost.exe)
2012/01/23 04:20:42 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49470, Process: svchost.exe)
2012/01/23 04:20:42 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49471, Process: svchost.exe)
2012/01/23 04:21:23 +0100 GORMIL-PC Gormil IP-BLOCK 141.136.16.152 (Type: outgoing, Port: 49480, Process: svchost.exe)
2012/01/23 04:21:47 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49485, Process: svchost.exe)
2012/01/23 04:21:47 +0100 GORMIL-PC Gormil IP-BLOCK 178.238.233.154 (Type: outgoing, Port: 49486, Process: svchost.exe)
2012/01/23 04:25:13 +0100 GORMIL-PC Gormil MESSAGE Starting protection
2012/01/23 04:25:15 +0100 GORMIL-PC Gormil MESSAGE Protection started successfully
2012/01/23 04:25:18 +0100 GORMIL-PC Gormil MESSAGE Starting IP protection
2012/01/23 04:25:19 +0100 GORMIL-PC Gormil MESSAGE IP Protection started successfully



A new scan with TDSS rootkit.. gives this log:


04:27:23.0096 5344 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
04:27:23.0253 5344 ============================================================
04:27:23.0253 5344 Current date / time: 2012/01/23 04:27:23.0253
04:27:23.0253 5344 SystemInfo:
04:27:23.0253 5344
04:27:23.0253 5344 OS Version: 6.1.7600 ServicePack: 0.0
04:27:23.0253 5344 Product type: Workstation
04:27:23.0253 5344 ComputerName: GORMIL-PC
04:27:23.0253 5344 UserName: Gormil
04:27:23.0253 5344 Windows directory: C:\Windows
04:27:23.0253 5344 System windows directory: C:\Windows
04:27:23.0253 5344 Running under WOW64
04:27:23.0253 5344 Processor architecture: Intel x64
04:27:23.0253 5344 Number of processors: 4
04:27:23.0253 5344 Page size: 0x1000
04:27:23.0253 5344 Boot type: Normal boot
04:27:23.0253 5344 ============================================================
04:27:23.0634 5344 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:27:23.0678 5344 Initialize success
04:27:32.0287 1836 ============================================================
04:27:32.0287 1836 Scan started
04:27:32.0287 1836 Mode: Manual; SigCheck; TDLFS;
04:27:32.0287 1836 ============================================================
04:28:02.0314 1836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
04:28:02.0374 1836 RasPppoe - ok
04:28:02.0484 1836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
04:28:02.0524 1836 RasSstp - ok
04:28:02.0654 1836 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
04:28:02.0694 1836 rdbss - ok
04:28:02.0834 1836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
04:28:02.0864 1836 rdpbus - ok
04:28:02.0964 1836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:28:03.0034 1836 RDPCDD - ok
04:28:03.0134 1836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
04:28:03.0174 1836 RDPENCDD - ok
04:28:03.0364 1836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
04:28:03.0404 1836 RDPREFMP - ok
04:28:03.0544 1836 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
04:28:03.0584 1836 RDPWD - ok
04:28:03.0684 1836 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
04:28:03.0694 1836 rdyboost - ok
04:28:03.0954 1836 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
04:28:03.0994 1836 RFCOMM - ok
04:28:04.0224 1836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
04:28:04.0254 1836 rspndr - ok
04:28:04.0434 1836 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
04:28:04.0444 1836 sbp2port - ok
04:28:04.0554 1836 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
04:28:04.0624 1836 scfilter - ok
04:28:04.0724 1836 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
04:28:04.0734 1836 sdbus - ok
04:28:04.0884 1836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
04:28:04.0934 1836 secdrv - ok
04:28:05.0064 1836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
04:28:05.0094 1836 Serenum - ok
04:28:05.0214 1836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
04:28:05.0244 1836 Serial - ok
04:28:05.0344 1836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
04:28:05.0374 1836 sermouse - ok
04:28:05.0554 1836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
04:28:05.0654 1836 sffdisk - ok
04:28:05.0944 1836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
04:28:05.0974 1836 sffp_mmc - ok
04:28:06.0174 1836 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
04:28:06.0204 1836 sffp_sd - ok
04:28:06.0274 1836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
04:28:06.0314 1836 sfloppy - ok
04:28:06.0614 1836 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
04:28:06.0624 1836 Sftfs - ok
04:28:06.0764 1836 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
04:28:06.0764 1836 Sftplay - ok
04:28:07.0024 1836 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
04:28:07.0024 1836 Sftredir - ok
04:28:07.0154 1836 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
04:28:07.0164 1836 Sftvol - ok
04:28:07.0724 1836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
04:28:07.0734 1836 SiSRaid2 - ok
04:28:07.0864 1836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
04:28:07.0874 1836 SiSRaid4 - ok
04:28:08.0034 1836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
04:28:08.0074 1836 Smb - ok
04:28:08.0154 1836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
04:28:08.0164 1836 spldr - ok
04:28:08.0214 1836 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
04:28:08.0274 1836 srv - ok
04:28:08.0484 1836 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
04:28:08.0514 1836 srv2 - ok
04:28:08.0694 1836 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
04:28:08.0714 1836 srvnet - ok
04:28:08.0964 1836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
04:28:08.0974 1836 stexstor - ok
04:28:09.0064 1836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
04:28:09.0074 1836 swenum - ok
04:28:09.0274 1836 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
04:28:09.0294 1836 SynTP - ok
04:28:09.0644 1836 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
04:28:09.0674 1836 Tcpip - ok
04:28:09.0884 1836 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
04:28:09.0914 1836 TCPIP6 - ok
04:28:10.0014 1836 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
04:28:10.0064 1836 tcpipreg - ok
04:28:10.0174 1836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
04:28:10.0224 1836 TDPIPE - ok
04:28:10.0334 1836 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
04:28:10.0374 1836 TDTCP - ok
04:28:10.0474 1836 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
04:28:10.0524 1836 tdx - ok
04:28:10.0604 1836 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
04:28:10.0614 1836 TermDD - ok
04:28:10.0734 1836 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:28:10.0784 1836 tssecsrv - ok
04:28:11.0024 1836 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
04:28:11.0054 1836 tunnel - ok
04:28:11.0154 1836 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
04:28:11.0154 1836 TurboB - ok
04:28:11.0244 1836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
04:28:11.0254 1836 uagp35 - ok
04:28:11.0354 1836 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
04:28:11.0354 1836 UBHelper - ok
04:28:11.0495 1836 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
04:28:11.0533 1836 udfs - ok
04:28:11.0627 1836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
04:28:11.0634 1836 uliagpkx - ok
04:28:11.0715 1836 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
04:28:11.0742 1836 umbus - ok
04:28:11.0839 1836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
04:28:11.0848 1836 UmPass - ok
04:28:11.0957 1836 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
04:28:11.0966 1836 usbccgp - ok
04:28:12.0052 1836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
04:28:12.0089 1836 usbcir - ok
04:28:12.0166 1836 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
04:28:12.0185 1836 usbehci - ok
04:28:12.0305 1836 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
04:28:12.0316 1836 usbhub - ok
04:28:12.0419 1836 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
04:28:12.0447 1836 usbohci - ok
04:28:12.0552 1836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
04:28:12.0581 1836 usbprint - ok
04:28:12.0689 1836 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
04:28:12.0699 1836 USBSTOR - ok
04:28:12.0803 1836 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
04:28:12.0820 1836 usbuhci - ok
04:28:12.0936 1836 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
04:28:12.0983 1836 usbvideo - ok
04:28:13.0091 1836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
04:28:13.0098 1836 vdrvroot - ok
04:28:13.0213 1836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
04:28:13.0224 1836 vga - ok
04:28:13.0326 1836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
04:28:13.0376 1836 VgaSave - ok
04:28:13.0466 1836 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
04:28:13.0476 1836 vhdmp - ok
04:28:13.0566 1836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
04:28:13.0576 1836 viaide - ok
04:28:13.0656 1836 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
04:28:13.0666 1836 volmgr - ok
04:28:13.0706 1836 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
04:28:13.0716 1836 volmgrx - ok
04:28:13.0806 1836 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
04:28:13.0816 1836 volsnap - ok
04:28:13.0996 1836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
04:28:14.0006 1836 vsmraid - ok
04:28:14.0096 1836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
04:28:14.0106 1836 vwifibus - ok
04:28:14.0216 1836 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
04:28:14.0266 1836 vwififlt - ok
04:28:14.0416 1836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
04:28:14.0486 1836 WacomPen - ok
04:28:14.0706 1836 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
04:28:14.0736 1836 WANARP - ok
04:28:14.0776 1836 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
04:28:14.0796 1836 Wanarpv6 - ok
04:28:14.0956 1836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
04:28:14.0956 1836 Wd - ok
04:28:15.0076 1836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
04:28:15.0086 1836 Wdf01000 - ok
04:28:15.0206 1836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
04:28:15.0246 1836 WfpLwf - ok
04:28:15.0366 1836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
04:28:15.0366 1836 WIMMount - ok
04:28:15.0516 1836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
04:28:15.0576 1836 WmiAcpi - ok
04:28:15.0756 1836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
04:28:15.0806 1836 ws2ifsl - ok
04:28:15.0896 1836 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
04:28:15.0936 1836 WudfPf - ok
04:28:16.0066 1836 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:28:16.0116 1836 WUDFRd - ok
04:28:16.0156 1836 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
04:28:16.0426 1836 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:28:16.0426 1836 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:28:16.0436 1836 Boot (0x1200) (9ae607c3dd9eea4a37f548b300f6671e) \Device\Harddisk0\DR0\Partition0
04:28:16.0436 1836 \Device\Harddisk0\DR0\Partition0 - ok
04:28:16.0446 1836 Boot (0x1200) (2b3c7c87aca14f145e3c1b0bee52da62) \Device\Harddisk0\DR0\Partition1
04:28:16.0446 1836 \Device\Harddisk0\DR0\Partition1 - ok
04:28:16.0446 1836 ============================================================
04:28:16.0446 1836 Scan finished
04:28:16.0446 1836 ============================================================
04:28:16.0456 3544 Detected object count: 1
04:28:16.0456 3544 Actual detected object count: 1
04:28:36.0396 3544 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
04:28:36.0436 3544 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
04:28:36.0446 3544 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
04:28:36.0446 3544 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
04:28:36.0456 3544 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
04:28:36.0466 3544 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
04:28:36.0476 3544 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
04:28:36.0516 3544 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
04:28:36.0526 3544 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
04:28:36.0526 3544 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
04:28:36.0526 3544 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
04:28:36.0526 3544 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
04:29:15.0856 5640 ============================================================
04:29:15.0856 5640 Scan started
04:29:15.0856 5640 Mode: Manual; SigCheck; TDLFS;
04:29:15.0856 5640 ============================================================
04:29:37.0960 5640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
04:29:37.0990 5640 MSPQM - ok
04:29:38.0110 5640 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
04:29:38.0120 5640 MsRPC - ok
04:29:38.0270 5640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
04:29:38.0280 5640 mssmbios - ok
04:29:38.0400 5640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
04:29:38.0420 5640 MSTEE - ok
04:29:38.0580 5640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
04:29:38.0590 5640 MTConfig - ok
04:29:38.0830 5640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
04:29:38.0840 5640 Mup - ok
04:29:38.0870 5640 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
04:29:38.0880 5640 mwlPSDFilter - ok
04:29:38.0920 5640 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
04:29:38.0920 5640 mwlPSDNServ - ok
04:29:39.0090 5640 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
04:29:39.0090 5640 mwlPSDVDisk - ok
04:29:39.0260 5640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
04:29:39.0280 5640 NativeWifiP - ok
04:29:39.0550 5640 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
04:29:39.0570 5640 NDIS - ok
04:29:39.0640 5640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
04:29:39.0680 5640 NdisCap - ok
04:29:39.0860 5640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
04:29:39.0890 5640 NdisTapi - ok
04:29:40.0230 5640 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
04:29:40.0260 5640 Ndisuio - ok
04:29:40.0490 5640 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
04:29:40.0520 5640 NdisWan - ok
04:29:40.0710 5640 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
04:29:40.0740 5640 NDProxy - ok
04:29:40.0830 5640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
04:29:40.0860 5640 NetBIOS - ok
04:29:40.0970 5640 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
04:29:41.0000 5640 NetBT - ok
04:29:41.0130 5640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
04:29:41.0140 5640 nfrd960 - ok
04:29:41.0220 5640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
04:29:41.0250 5640 Npfs - ok
04:29:41.0400 5640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
04:29:41.0430 5640 nsiproxy - ok
04:29:41.0690 5640 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
04:29:41.0710 5640 Ntfs - ok
04:29:41.0790 5640 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
04:29:41.0800 5640 NTIDrvr - ok
04:29:41.0900 5640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
04:29:41.0930 5640 Null - ok
04:29:42.0030 5640 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
04:29:42.0040 5640 nusb3hub - ok
04:29:42.0120 5640 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
04:29:42.0130 5640 nusb3xhc - ok
04:29:42.0750 5640 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
04:29:42.0930 5640 nvlddmkm - ok
04:29:43.0050 5640 nvpciflt (682ea9ed3399d6066f0daecf7938727e) C:\Windows\system32\DRIVERS\nvpciflt.sys
04:29:43.0050 5640 nvpciflt - ok
04:29:43.0170 5640 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
04:29:43.0180 5640 nvraid - ok
04:29:43.0460 5640 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
04:29:43.0470 5640 nvstor - ok
04:29:43.0520 5640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
04:29:43.0530 5640 nv_agp - ok
04:29:43.0570 5640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
04:29:43.0580 5640 ohci1394 - ok
04:29:43.0640 5640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
04:29:43.0650 5640 Parport - ok
04:29:43.0700 5640 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
04:29:43.0700 5640 partmgr - ok
04:29:43.0760 5640 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
04:29:43.0770 5640 pci - ok
04:29:43.0800 5640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
04:29:43.0810 5640 pciide - ok
04:29:43.0870 5640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
04:29:43.0880 5640 pcmcia - ok
04:29:43.0920 5640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
04:29:43.0930 5640 pcw - ok
04:29:44.0000 5640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
04:29:44.0030 5640 PEAUTH - ok
04:29:44.0090 5640 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
04:29:44.0120 5640 PptpMiniport - ok
04:29:44.0160 5640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
04:29:44.0170 5640 Processor - ok
04:29:44.0230 5640 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
04:29:44.0260 5640 Psched - ok
04:29:44.0340 5640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
04:29:44.0370 5640 ql2300 - ok
04:29:44.0430 5640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
04:29:44.0440 5640 ql40xx - ok
04:29:44.0460 5640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
04:29:44.0470 5640 QWAVEdrv - ok
04:29:44.0540 5640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
04:29:44.0570 5640 RasAcd - ok
04:29:44.0600 5640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
04:29:44.0620 5640 RasAgileVpn - ok
04:29:44.0730 5640 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:29:44.0760 5640 Rasl2tp - ok
04:29:44.0880 5640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
04:29:44.0900 5640 RasPppoe - ok
04:29:44.0990 5640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
04:29:45.0020 5640 RasSstp - ok
04:29:45.0220 5640 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
04:29:45.0250 5640 rdbss - ok
04:29:45.0410 5640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
04:29:45.0420 5640 rdpbus - ok
04:29:45.0510 5640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:29:45.0540 5640 RDPCDD - ok
04:29:45.0650 5640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
04:29:45.0670 5640 RDPENCDD - ok
04:29:45.0860 5640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
04:29:45.0890 5640 RDPREFMP - ok
04:29:46.0040 5640 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
04:29:46.0070 5640 RDPWD - ok
04:29:46.0250 5640 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
04:29:46.0260 5640 rdyboost - ok
04:29:46.0340 5640 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
04:29:46.0360 5640 RFCOMM - ok
04:29:46.0510 5640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
04:29:46.0530 5640 rspndr - ok
04:29:46.0630 5640 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
04:29:46.0660 5640 sbp2port - ok
04:29:46.0730 5640 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
04:29:46.0760 5640 scfilter - ok
04:29:46.0840 5640 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
04:29:46.0850 5640 sdbus - ok
04:29:46.0860 5640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
04:29:46.0890 5640 secdrv - ok
04:29:47.0070 5640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
04:29:47.0070 5640 Serenum - ok
04:29:47.0210 5640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
04:29:47.0220 5640 Serial - ok
04:29:47.0300 5640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
04:29:47.0310 5640 sermouse - ok
04:29:47.0430 5640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
04:29:47.0440 5640 sffdisk - ok
04:29:47.0520 5640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
04:29:47.0530 5640 sffp_mmc - ok
04:29:47.0650 5640 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
04:29:47.0660 5640 sffp_sd - ok
04:29:47.0790 5640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
04:29:47.0790 5640 sfloppy - ok
04:29:47.0960 5640 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
04:29:47.0970 5640 Sftfs - ok
04:29:48.0130 5640 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
04:29:48.0130 5640 Sftplay - ok
04:29:48.0310 5640 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
04:29:48.0310 5640 Sftredir - ok
04:29:48.0530 5640 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
04:29:48.0540 5640 Sftvol - ok
04:29:48.0790 5640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
04:29:48.0800 5640 SiSRaid2 - ok
04:29:48.0940 5640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
04:29:48.0950 5640 SiSRaid4 - ok
04:29:49.0160 5640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
04:29:49.0180 5640 Smb - ok
04:29:49.0400 5640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
04:29:49.0410 5640 spldr - ok
04:29:49.0580 5640 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
04:29:49.0590 5640 srv - ok
04:29:49.0850 5640 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
04:29:49.0860 5640 srv2 - ok
04:29:50.0110 5640 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
04:29:50.0120 5640 srvnet - ok
04:29:50.0240 5640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
04:29:50.0250 5640 stexstor - ok
04:29:50.0330 5640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
04:29:50.0340 5640 swenum - ok
04:29:50.0510 5640 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
04:29:50.0530 5640 SynTP - ok
04:29:50.0710 5640 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
04:29:50.0740 5640 Tcpip - ok
04:29:50.0970 5640 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
04:29:51.0000 5640 TCPIP6 - ok
04:29:51.0220 5640 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
04:29:51.0240 5640 tcpipreg - ok
04:29:51.0500 5640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
04:29:51.0530 5640 TDPIPE - ok
04:29:51.0590 5640 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
04:29:51.0610 5640 TDTCP - ok
04:29:51.0680 5640 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
04:29:51.0710 5640 tdx - ok
04:29:51.0730 5640 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
04:29:51.0730 5640 TermDD - ok
04:29:51.0810 5640 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:29:51.0840 5640 tssecsrv - ok
04:29:51.0870 5640 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
04:29:51.0910 5640 tunnel - ok
04:29:51.0970 5640 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
04:29:51.0980 5640 TurboB - ok
04:29:52.0010 5640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
04:29:52.0020 5640 uagp35 - ok
04:29:52.0190 5640 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
04:29:52.0190 5640 UBHelper - ok
04:29:52.0300 5640 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
04:29:52.0330 5640 udfs - ok
04:29:52.0430 5640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
04:29:52.0440 5640 uliagpkx - ok
04:29:52.0570 5640 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
04:29:52.0570 5640 umbus - ok
04:29:52.0700 5640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
04:29:52.0710 5640 UmPass - ok
04:29:52.0810 5640 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
04:29:52.0820 5640 usbccgp - ok
04:29:52.0910 5640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
04:29:52.0930 5640 usbcir - ok
04:29:53.0150 5640 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
04:29:53.0160 5640 usbehci - ok
04:29:53.0290 5640 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
04:29:53.0300 5640 usbhub - ok
04:29:53.0500 5640 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
04:29:53.0510 5640 usbohci - ok
04:29:53.0680 5640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
04:29:53.0690 5640 usbprint - ok
04:29:53.0830 5640 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
04:29:53.0840 5640 USBSTOR - ok
04:29:54.0020 5640 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
04:29:54.0030 5640 usbuhci - ok
04:29:54.0150 5640 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
04:29:54.0160 5640 usbvideo - ok
04:29:54.0260 5640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
04:29:54.0270 5640 vdrvroot - ok
04:29:54.0400 5640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
04:29:54.0410 5640 vga - ok
04:29:54.0610 5640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
04:29:54.0640 5640 VgaSave - ok
04:29:54.0760 5640 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
04:29:54.0770 5640 vhdmp - ok
04:29:54.0890 5640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
04:29:54.0900 5640 viaide - ok
04:29:55.0010 5640 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
04:29:55.0020 5640 volmgr - ok
04:29:55.0180 5640 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
04:29:55.0190 5640 volmgrx - ok
04:29:55.0330 5640 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
04:29:55.0340 5640 volsnap - ok
04:29:55.0390 5640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
04:29:55.0400 5640 vsmraid - ok
04:29:55.0450 5640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
04:29:55.0460 5640 vwifibus - ok
04:29:55.0560 5640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
04:29:55.0570 5640 vwififlt - ok
04:29:55.0730 5640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
04:29:55.0740 5640 WacomPen - ok
04:29:55.0910 5640 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
04:29:55.0930 5640 WANARP - ok
04:29:55.0940 5640 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
04:29:55.0960 5640 Wanarpv6 - ok
04:29:56.0140 5640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
04:29:56.0150 5640 Wd - ok
04:29:56.0210 5640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
04:29:56.0220 5640 Wdf01000 - ok
04:29:56.0310 5640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
04:29:56.0340 5640 WfpLwf - ok
04:29:56.0470 5640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
04:29:56.0480 5640 WIMMount - ok
04:29:56.0650 5640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
04:29:56.0660 5640 WmiAcpi - ok
04:29:56.0760 5640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
04:29:56.0790 5640 ws2ifsl - ok
04:29:56.0940 5640 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
04:29:56.0970 5640 WudfPf - ok
04:29:57.0070 5640 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:29:57.0100 5640 WUDFRd - ok
04:29:57.0120 5640 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
04:29:57.0800 5640 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:29:57.0800 5640 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:29:57.0800 5640 Boot (0x1200) (9ae607c3dd9eea4a37f548b300f6671e) \Device\Harddisk0\DR0\Partition0
04:29:57.0800 5640 \Device\Harddisk0\DR0\Partition0 - ok
04:29:57.0810 5640 Boot (0x1200) (2b3c7c87aca14f145e3c1b0bee52da62) \Device\Harddisk0\DR0\Partition1
04:29:57.0810 5640 \Device\Harddisk0\DR0\Partition1 - ok
04:29:57.0810 5640 ============================================================
04:29:57.0810 5640 Scan finished
04:29:57.0810 5640 ============================================================
04:29:57.0820 1108 Detected object count: 1
04:29:57.0820 1108 Actual detected object count: 1
04:30:08.0100 1108 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
04:30:08.0150 1108 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
04:30:08.0250 1108 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
04:30:08.0310 1108 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
04:30:08.0310 1108 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
04:30:08.0320 1108 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
04:30:08.0330 1108 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
04:30:08.0380 1108 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
04:30:08.0390 1108 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
04:30:08.0390 1108 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
04:30:08.0390 1108 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
04:30:08.0390 1108 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

Edited by Gormil, 22 January 2012 - 11:27 PM.




#2 Gormil


Posted 22 January 2012 - 11:01 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Avira Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 30
Adobe Flash Player 11.1.102.55
Mozilla Firefox (x86 de..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Symantec Norton Online Backup NOBuAgent.exe
``````````End of Log````````````




Farbar Service Scanner Version: 18-01-2012 01
Ran by Gormil (administrator) on 23-01-2012 at 04:53:37
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 01:09] - [2009-07-14 02:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll
[2009-07-14 01:09] - [2009-07-14 02:40] - 0703488 ____A (Microsoft Corporation) 4992C609A6315671463E30F6512BC022

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 00:36] - [2009-07-14 02:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe
[2009-07-14 00:39] - [2009-07-14 02:39] - 1598976 ____A (Microsoft Corporation) 787898BF9FB6D7BD87A36E2D95C899BA

C:\Windows\System32\wscsvc.dll
[2012-01-10 17:39] - [2010-12-21 07:16] - 0097280 ____A (Microsoft Corporation) 8F9F3969933C02DA96EB0F84576DB43E

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-14 01:36] - [2009-07-14 02:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll
[2009-07-14 00:46] - [2009-07-14 02:41] - 0848384 ____A (Microsoft Corporation) 7F0C323FE3DA28AA4AA1BDA3F575707F

C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2009-07-14 00:49] - [2009-07-14 02:40] - 0175104 ____A (Microsoft Corporation) 8C57411B66282C01533CB776F98AD384

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****






MiniToolBox by Farbar Version: 18-01-2012
Ran by Gormil (administrator) on 23-01-2012 at 04:54:47
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = LAN-Verbindung (Connected)
Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Hardware not present)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

Hostname . . . . . . . . . . . . : Gormil-PC
Primäres DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein

Ethernet-Adapter LAN-Verbindung* 2:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physikalische Adresse . . . . . . : 00-FF-10-60-C3-0D
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja

Ethernet-Adapter LAN-Verbindung:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physikalische Adresse . . . . . . : 1C-75-08-D4-67-4C
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::946b:b6f3:1343:2ea9%11(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.1.35(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Montag, 23. Januar 2012 04:23:04
Lease läuft ab. . . . . . . . . . : Donnerstag, 26. Januar 2012 04:23:03
Standardgateway . . . . . . . . . : 192.168.1.1
DHCP-Server . . . . . . . . . . . : 192.168.1.1
DHCPv6-IAID . . . . . . . . . . . : 236745992
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-9C-C8-C7-1C-75-08-D4-67-4C
DNS-Server . . . . . . . . . . . : 192.168.1.1
193.189.244.194
193.189.244.202
NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter isatap.{7D93FAC1-2CC9-4CB1-8089-2298FD814A3B}:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

Tunneladapter isatap.{2CCD3B6D-5321-49D7-8135-6192E5C4C0CF}:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

Tunneladapter Teredo Tunneling Pseudo-Interface:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fd:2c76:c814:b24a:ade9(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::2c76:c814:b24a:ade9%15(Bevorzugt)
Standardgateway . . . . . . . . . : ::
NetBIOS über TCP/IP . . . . . . . : Deaktiviert
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.69.105
173.194.69.103
173.194.69.99
173.194.69.147
173.194.69.104
173.194.69.106


Ping wird ausgeführt für google.com [173.194.69.99] mit 32 Bytes Daten:
Antwort von 173.194.69.99: Bytes=32 Zeit=22ms TTL=47
Antwort von 173.194.69.99: Bytes=32 Zeit=21ms TTL=47

Ping-Statistik für 173.194.69.99:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 21ms, Maximum = 22ms, Mittelwert = 21ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43


Ping wird ausgeführt für yahoo.com [98.139.180.149] mit 32 Bytes Daten:
Antwort von 98.139.180.149: Bytes=32 Zeit=130ms TTL=49
Antwort von 98.139.180.149: Bytes=32 Zeit=110ms TTL=49

Ping-Statistik für 98.139.180.149:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 110ms, Maximum = 130ms, Mittelwert = 120ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Ping wird ausgeführt für bleepingcomputer.com [208.43.87.2] mit 32 Bytes Daten:
Antwort von 208.43.87.2: Zielhost nicht erreichbar.
Antwort von 208.43.87.2: Zielhost nicht erreichbar.

Ping-Statistik für 208.43.87.2:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit=2ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit=1ms TTL=128

Ping-Statistik für 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 1ms, Maximum = 2ms, Mittelwert = 1ms
===========================================================================
Schnittstellenliste
23...00 ff 10 60 c3 0d ......Juniper Network Connect Virtual Adapter
11...1c 75 08 d4 67 4c ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
17...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.35 20
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.1.0 255.255.255.0 Auf Verbindung 192.168.1.35 276
192.168.1.35 255.255.255.255 Auf Verbindung 192.168.1.35 276
192.168.1.255 255.255.255.255 Auf Verbindung 192.168.1.35 276
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.1.35 276
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.1.35 276
===========================================================================
Ständige Routen:
Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
15 58 ::/0 Auf Verbindung
1 306 ::1/128 Auf Verbindung
15 58 2001::/32 Auf Verbindung
15 306 2001:0:5ef5:79fd:2c76:c814:b24a:ade9/128
Auf Verbindung
11 276 fe80::/64 Auf Verbindung
15 306 fe80::/64 Auf Verbindung
15 306 fe80::2c76:c814:b24a:ade9/128
Auf Verbindung
11 276 fe80::946b:b6f3:1343:2ea9/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
15 306 ff00::/8 Auf Verbindung
11 276 ff00::/8 Auf Verbindung
===========================================================================
Ständige Routen:
Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/23/2012 03:24:24 AM) (Source: MsiInstaller) (User: Gormil)Gormil
Description: Produkt: Java™ 6 Update 30 -- Fehler 25025. Eine vorherige Deinstallation von Java wurde nicht abgeschlossen. Starten Sie den Computer vor der Installation von Java neu.

Error: (01/22/2012 11:08:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/21/2012 06:07:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/18/2012 02:27:46 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}

Error: (01/17/2012 08:21:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/17/2012 07:49:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/17/2012 07:43:33 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: Der Server lieferte eine ungültige oder unbekannte Rückmeldung.
ErrorCode: 14007(0x36b7).

Error: (01/10/2012 06:46:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NOBuAgent.exe, Version: 2.1.17869.0, Zeitstempel: 0x4c056009
Name des fehlerhaften Moduls: NOBuAgent.exe, Version: 2.1.17869.0, Zeitstempel: 0x4c056009
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000011e006
ID des fehlerhaften Prozesses: 0x4ac
Startzeit der fehlerhaften Anwendung: 0xNOBuAgent.exe0
Pfad der fehlerhaften Anwendung: NOBuAgent.exe1
Pfad des fehlerhaften Moduls: NOBuAgent.exe2
Berichtskennung: NOBuAgent.exe3

Error: (01/10/2012 05:45:59 AM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13e0

Startzeit: 01cccf52a78f31c5

Endzeit: 2

Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

Berichts-ID: fbd7065d-3b45-11e1-9246-1c7508d4674c

Error: (01/10/2012 00:30:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (01/23/2012 03:00:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2556532)

Error: (01/23/2012 00:19:23 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7D93FAC1-2CC9-4CB1-8089-2298FD814A3B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/22/2012 06:20:54 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff80002c647e7, 0x0000000000000000, 0x000000007efa0000)C:\Windows\MEMORY.DMP012212-28236-01

Error: (01/22/2012 06:20:49 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.01.2012 um 18:19:05 unerwartet heruntergefahren.

Error: (01/22/2012 02:53:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2556532)

Error: (01/21/2012 08:33:46 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7D93FAC1-2CC9-4CB1-8089-2298FD814A3B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/21/2012 07:32:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2556532)

Error: (01/21/2012 00:28:53 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7D93FAC1-2CC9-4CB1-8089-2298FD814A3B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (01/21/2012 00:26:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2556532)

Error: (01/20/2012 09:57:25 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{7D93FAC1-2CC9-4CB1-8089-2298FD814A3B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.


Microsoft Office Sessions:
=========================
Error: (01/23/2012 03:24:24 AM) (Source: MsiInstaller)(User: Gormil)Gormil
Description: Produkt: Java™ 6 Update 30 -- Fehler 25025. Eine vorherige Deinstallation von Java wurde nicht abgeschlossen. Starten Sie den Computer vor der Installation von Java neu.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/22/2012 11:08:51 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/21/2012 06:07:54 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/18/2012 02:27:46 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/17/2012 08:21:42 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/17/2012 07:49:28 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/17/2012 07:43:33 PM) (Source: CVHSVC)(User: )
Description: Error: Der Server lieferte eine ungültige oder unbekannte Rückmeldung.
ErrorCode: 14007(0x36b7).

Error: (01/10/2012 06:46:57 PM) (Source: Application Error)(User: )
Description: NOBuAgent.exe2.1.17869.04c056009NOBuAgent.exe2.1.17869.04c056009c0000409000000000011e0064ac01cccfbfcfbd15c1C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe16f134f2-3bb3-11e1-864c-c73c0e28741a

Error: (01/10/2012 05:45:59 AM) (Source: Application Hang)(User: )
Description: rads_user_kernel.exe0.0.0.013e001cccf52a78f31c52C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exefbd7065d-3b45-11e1-9246-1c7508d4674c

Error: (01/10/2012 00:30:17 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Acer Backup Manager (Version: 3.0.0.69)
Acer Crystal Eye Webcam (Version: 1.0.1306)
Acer ePower Management (Version: 6.00.3000)
Acer eRecovery Management (Version: 5.00.3002)
Acer GameZone Console (Version: 6.1.0.9)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.1130.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Airport Mania First Flight
Amazonia
Avira Free Antivirus (Version: 12.0.0.872)
Backup Manager V3 (Version: 3.0.0.69)
Bluetooth Win7 Suite (64) (Version: 7.2.0.45)
Broadcom Card Reader Driver Installer (Version: 14.4.9.3)
Broadcom Gigabit NetLink Controller (Version: 14.4.8.3)
Cake Mania
CambridgeSoft Activation Client (Version: 12.0)
CambridgeSoft ChemDraw Ultra 12.0 (Version: 12.0)
clear.fi (Version: 1.0.1223.00)
clear.fi (Version: 9.0.7209)
clear.fi Client (Version: 1.00.3008)
D3DX10 (Version: 15.4.2368.0902)
Dota 2
Dream Day First Home
eBay Worldwide (Version: 2.1.0901)
eSobi v2 (Version: 2.0.4.000274)
Evochron Mercenary
Farm Frenzy 2
Galapago
Google Chrome (Version: 16.0.912.75)
Heroes of Hellas
Identity Card (Version: 1.00.3003)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2272)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Juniper Networks Network Connect 7.0.0 (Version: 7.0.0.17289)
Juniper Networks Setup Client (Version: 2.2.4.9429)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.0)
League of Legends (Version: 1.02.0000)
Malwarebytes Anti-Malware Version 1.60.0.1800 (Version: 1.60.0.1800)
MediaEspresso (Version: 1.0.1210_33255)
Merriam Websters Spell Jam
Mesh Runtime (Version: 15.4.5722.2)
MestReNova LITE 5.2.5-5780 (Version: 5.2.5-5780)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 9.0.1 (x86 de) (Version: 9.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.11)
MyWinLocker 4 (Version: 4.0.14.11)
MyWinLocker Suite (Version: 4.0.14.11)
Norton Online Backup (Version: 2.1.17869)
NTI Media Maker 9 (Version: 9.0.2.8939)
NVIDIA Grafiktreiber 285.62 (Version: 285.62)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA Optimus 1.5.20 (Version: 1.5.20)
NVIDIA PhysX-Systemsoftware 9.11.0621 (Version: 9.11.0621)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA Systemsteuerung 285.62 (Version: 285.62)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Pando Media Booster (Version: 2.6.0.1)
Poker Pop
Realtek High Definition Audio Driver (Version: 6.0.1.6276)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shredder (Version: 2.0.8.7)
Sid Meier's Civilization V
Skype™ 5.5 (Version: 5.5.124)
Spin & Win
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
TeamSpeak 3 Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Welcome Center (Version: 1.02.3007)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
World of Warcraft (Version: 4.3.0.15050)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8043.86 MB
Available physical RAM: 5579.02 MB
Total Pagefile: 16085.87 MB
Available Pagefile: 13268.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.79 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:586 GB) NTFS
2 Drive d: (COMMANDOS2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

========================= Users: ========================================

Benutzerkonten für \\GORMIL-PC

Administrator Gast Gormil
UpdatusUser
Der Befehl wurde erfolgreich ausgeführt.


**** End of log ****



aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-23 04:56:27
-----------------------------
04:56:27.598 OS Version: Windows x64 6.1.7600
04:56:27.598 Number of processors: 4 586 0x2A07
04:56:27.598 ComputerName: GORMIL-PC UserName: Gormil
04:56:30.422 Initialize success
04:57:08.086 AVAST engine defs: 12012201
04:57:11.721 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
04:57:11.721 Disk 0 Vendor: TOSHIBA_ GN00 Size: 715404MB BusType: 3
04:57:11.737 Disk 0 MBR read successfully
04:57:11.737 Disk 0 MBR scan
04:57:11.737 Disk 0 Windows 7 default MBR code
04:57:11.752 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
04:57:11.768 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
04:57:11.783 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 699942 MB offset 31664128
04:57:11.783 Service scanning
04:57:16.370 Modules scanning
04:57:16.370 Disk 0 trace - called modules:
04:57:16.385 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
04:57:16.385 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009c82060]
04:57:16.401 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007dca050]
04:57:19.927 AVAST engine scan C:\Windows
04:57:22.407 AVAST engine scan C:\Windows\system32
04:59:01.864 AVAST engine scan C:\Windows\system32\drivers
04:59:11.458 AVAST engine scan C:\Users\Gormil
05:07:35.677 AVAST engine scan C:\ProgramData
05:08:20.652 Scan finished successfully
05:09:30.431 Disk 0 MBR has been saved successfully to "C:\Users\Gormil\Desktop\MBR.dat"
05:09:30.446 The log file has been saved successfully to "C:\Users\Gormil\Desktop\aswMBR.txt"

Edited by Gormil, 22 January 2012 - 11:11 PM.


#3 Gormil


Posted 22 January 2012 - 11:39 PM

Internet Explorer: I have no redirects
Firefox: redirects
Google Chrome: redirects

#4 boopme


Posted 04 February 2012 - 09:22 PM

Hello, I see we lost you. If you still need help.....
Are you on a router? Are other machines on it, if so are they redirecting?


Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



