
TroganANVH or Zeroaccess.b


  • This topic is locked
44 replies to this topic

#1 lilylee

lilylee

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:06:32 AM

Posted 23 January 2012 - 11:37 PM

According to my Webroot Secure Anywhere virus protection I am infected with W32.Zeroaccess.B. However, my machine was not running poorly. This was on 1-22-12. The first time it identified it, it did put it in quarantine and I was able to delete it from quarantine. The machine rebooted. The Webroot found it again but no longer put it in quarantine and stayed in a loop of scanning to remove. I can stop the scanning but it still seems present. I next went and downloaded the Malwarebytes you have on AVG site. It identified three items not called the same and it deleted them. Webroot remained sure the threat had not left. I then downloaded the 30 day trial of the AVG antivirus. It found what it identified as a trojan ANVH I think. It whitelisted it and stated it could not be removed. I then ran the AVG virus remover for zero access twice but it could not find it. I ran kaposky's (sp?) killer that was to kill trojans and rootkits. It deleted what it identified as a medium threat but was not the same name as the trojan or zero access. Webroot still identified the threat. From what I could read about the virus, it stated you had to kill it or it would destroy the system. So I started the process to get the logs for the forum. I had troubles with the GMER log. It ran for hours. I was able to save after about three hours running this morning but it was not done. About that time, my machine shut down. I think finally the Webroot and AVG discovered each other. My machine would not start and did a repair on itself and started to an earlier time. It seemed to remove the GMER and the AVG from the machine. However, Webroot still says there is a threat. What should I do next? I have found the reinstallation disks for the computer in case it is needed. Thanks



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Owner at 23:48:22 on 2012-01-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1303 [GMT -5:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://news.google.com/nwshp?ie=UTF-8&hl=en&tab=wn
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0080605
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe"
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Apoint] "c:\program files\delltpad\Apoint.exe"
mRun: [OEM02Mon.exe] "c:\windows\OEM02Mon.exe"
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Broadcom Wireless Manager UI] "c:\windows\system32\WLTRAY.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [SigmatelSysTrayApp] "c:\program files\sigmatel\c-major audio\wdm\sttray.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5A32CDA9-64A9-46A6-A4E9-CDA942645964} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2011-10-10 109072]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-4 73728]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-22 652872]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2012-1-22 869216]
R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2011-10-10 647184]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 111616]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-22 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-5 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-9 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-6-4 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-5 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
.
=============== Created Last 30 ================
.
2012-01-23 03:24:11 -------- d-----w- C:\TDSSKiller_Quarantine
2012-01-23 00:16:24 -------- d-----w- c:\users\owner\appdata\roaming\AVG2012
2012-01-23 00:14:33 -------- d-----w- c:\programdata\AVG Secure Search
2012-01-23 00:12:44 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-01-23 00:12:27 -------- d-----w- c:\program files\AVG Secure Search
2012-01-23 00:10:56 -------- d--h--w- c:\programdata\Common Files
2012-01-23 00:09:32 -------- d-----w- c:\windows\system32\drivers\AVG
2012-01-23 00:09:32 -------- d-----w- c:\programdata\AVG2012
2012-01-23 00:08:07 -------- d-----w- c:\program files\AVG
2012-01-23 00:02:50 -------- d-----w- c:\programdata\MFAData
2012-01-22 21:26:23 -------- d-----w- c:\users\owner\appdata\roaming\Malwarebytes
2012-01-22 21:26:16 -------- d-----w- c:\programdata\Malwarebytes
2012-01-22 21:26:13 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-22 21:26:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-21 00:23:13 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e6effd1-45b6-4de8-a7c5-367b45e7a178}\mpengine.dll
2012-01-11 04:12:46 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 04:12:46 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 04:12:45 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 04:12:44 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 04:12:43 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 04:12:42 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 04:12:41 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 04:12:41 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-04 00:31:00 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-01-04 00:31:00 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2012-01-04 00:31:00 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2012-01-04 00:29:47 -------- d-----w- c:\program files\Bookworm Deluxe
.
==================== Find3M ====================
.
2012-01-17 00:06:47 145592 ----a-w- c:\windows\system32\WRusr.dll
2012-01-17 00:06:47 109072 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 02:38:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-15 19:29:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 15:56:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
.
============= FINISH: 23:48:52.34 ===============



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 27 January 2012 - 12:53 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 lilylee

Posted 27 January 2012 - 08:35 PM

It may be Sunday Jan 29 (due to heavy work schedule) before I will be able to do the fix, so please do not give up on me. Thanks

#4 gringo_pr

Posted 28 January 2012 - 02:57 AM

:thumbup2:

#5 lilylee

Posted 29 January 2012 - 06:48 PM

I turned off everything. I tried to run combo fix twice. The first time it said I had not shut down webroot. I did again. It ran for over an hour and no log. I tried to run it again. It ran for 30 minutes but no logs. I do know what to do next. Thanks

#6 lilylee

Posted 29 January 2012 - 06:50 PM

I do have another question? Would the virus/trojan be killed if I just reinstalled everything? If so what would I have to do? The machine does seem to run hard at times for no reason. I have been leaving it off for most of the time.

#7 lilylee

Posted 29 January 2012 - 06:54 PM

I did forget one odd thing that started during the second Combofix run and once after. I was sent a note that the recycle bin for this disk was corrupted and did I want to delete it. I agreed each time asked. The first time I thought it was a Combofix thing. The second was after it was done and seemed odd.

#8 gringo_pr

Posted 29 January 2012 - 08:08 PM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#9 lilylee

Posted 31 January 2012 - 12:28 AM

I ran Kaspersky TDSSKiller. The first time through it found nothing. The second time I changed the parameters and it found a medium threat. It had skip and I hit the continue button.



23:42:11.0293 5028 TDSS rootkit removing tool 2.7.8.0 Jan 30 2012 16:39:36
23:42:11.0870 5028 ============================================================
23:42:11.0870 5028 Current date / time: 2012/01/30 23:42:11.0870
23:42:11.0870 5028 SystemInfo:
23:42:11.0870 5028
23:42:11.0870 5028 OS Version: 6.0.6002 ServicePack: 2.0
23:42:11.0870 5028 Product type: Workstation
23:42:11.0870 5028 ComputerName: OWNER-PC
23:42:11.0870 5028 UserName: Owner
23:42:11.0870 5028 Windows directory: C:\Windows
23:42:11.0870 5028 System windows directory: C:\Windows
23:42:11.0870 5028 Processor architecture: Intel x86
23:42:11.0870 5028 Number of processors: 2
23:42:11.0870 5028 Page size: 0x1000
23:42:11.0870 5028 Boot type: Normal boot
23:42:11.0870 5028 ============================================================
23:42:12.0385 5028 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:42:12.0385 5028 \Device\Harddisk0\DR0:
23:42:12.0385 5028 MBR used
23:42:12.0385 5028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
23:42:12.0385 5028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x1B929168
23:42:12.0525 5028 Initialize success
23:42:12.0525 5028 ============================================================
23:42:16.0534 0416 ============================================================
23:42:16.0534 0416 Scan started
23:42:16.0534 0416 Mode: Manual;
23:42:16.0534 0416 ============================================================
23:42:18.0406 0416 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
23:42:18.0406 0416 ACPI - ok
23:42:18.0656 0416 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
23:42:18.0672 0416 adp94xx - ok
23:42:18.0796 0416 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
23:42:18.0796 0416 adpahci - ok
23:42:19.0249 0416 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
23:42:19.0249 0416 adpu160m - ok
23:42:19.0420 0416 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
23:42:19.0420 0416 adpu320 - ok
23:42:19.0545 0416 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
23:42:19.0545 0416 AFD - ok
23:42:19.0748 0416 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
23:42:19.0748 0416 agp440 - ok
23:42:19.0857 0416 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
23:42:19.0857 0416 aic78xx - ok
23:42:19.0951 0416 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
23:42:19.0951 0416 aliide - ok
23:42:20.0060 0416 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
23:42:20.0060 0416 amdagp - ok
23:42:20.0154 0416 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
23:42:20.0154 0416 amdide - ok
23:42:20.0247 0416 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
23:43:02.0804 0416 ============================================================
23:43:02.0804 0416 Scan finished
23:43:02.0804 0416 ============================================================
23:43:02.0820 1636 Detected object count: 0
23:43:02.0820 1636 Actual detected object count: 0
23:43:38.0419 3148 ============================================================
23:43:38.0419 3148 Scan started
23:43:38.0419 3148 Mode: Manual; SigCheck; TDLFS;
23:43:38.0419 3148 ============================================================
23:43:40.0728 3148 BrPar (2fe6d5be0629f706197b30c0aa05de30) C:\Windows\System32\drivers\BrPar.sys
23:43:40.0743 3148 BrPar ( UnsignedFile.Multi.Generic ) - warning
23:43:40.0743 3148 BrPar - detected UnsignedFile.Multi.Generic (1)
23:44:07.0887 3148 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
23:44:08.0074 3148 \Device\Harddisk0\DR0 - ok
23:44:08.0106 3148 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition0
23:44:08.0106 3148 \Device\Harddisk0\DR0\Partition0 - ok
23:44:08.0121 3148 Boot (0x1200) (41dbb759b57d680d16c70a93c45a090f) \Device\Harddisk0\DR0\Partition1
23:44:08.0121 3148 \Device\Harddisk0\DR0\Partition1 - ok
23:44:08.0121 3148 ============================================================
23:44:08.0121 3148 Scan finished
23:44:08.0121 3148 ============================================================
23:44:08.0137 3716 Detected object count: 1
23:44:08.0137 3716 Actual detected object count: 1
23:44:42.0909 3716 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:42.0909 3716 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip

I do not know if this helps but I had downloaded and used this program before. I did download the version you told me and ran it. However, when I was obtaining the text file to copy I found the one from previously. That time too it found nothing on the first run. When I changed the parameters it found the same thing. The results were similar. My Webroot still says it is infected. Thanks

This is the last bit from the log. I could not include all in this post as it made it too long.

22:25:19.0453 2856 ============================================================
22:25:19.0453 2856 Scan finished
22:25:19.0453 2856 ============================================================
22:25:19.0469 0740 Detected object count: 1
22:25:19.0469 0740 Actual detected object count: 1
22:25:39.0561 0740 HKLM\SYSTEM\ControlSet001\services\BrPar - will be deleted on reboot
22:25:39.0577 0740 HKLM\SYSTEM\ControlSet002\services\BrPar - will be deleted on reboot
22:25:39.0671 0740 C:\Windows\System32\drivers\BrPar.sys - will be deleted on reboot
22:25:39.0671 0740 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:26:09.0935 4480 Deinitialize success

#10 gringo_pr

Posted 31 January 2012 - 12:53 AM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 lilylee

Posted 31 January 2012 - 10:26 PM

I ran the program. At first it shut down my machine as I forgot to shut down Webroot. I did and ran it. It identified two lines as infected. I was not sure if I should run the fix or not so did not. I have pasted in the log. Thanks Lily

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-01-31 22:17:23
-----------------------------
22:17:23.341 OS Version: Windows 6.0.6002 Service Pack 2
22:17:23.341 Number of processors: 2 586 0xF0D
22:17:23.357 ComputerName: OWNER-PC UserName: Owner
22:17:25.010 Initialize success
22:17:36.570 AVAST engine defs: 12013100
22:18:00.563 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:18:00.563 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
22:18:00.610 Disk 0 MBR read successfully
22:18:00.610 Disk 0 MBR scan
22:18:00.610 Disk 0 Windows VISTA default MBR code
22:18:00.625 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
22:18:00.625 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
22:18:00.641 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 225874 MB offset 20561920
22:18:00.656 Disk 0 Partition - 00 0F Extended LBA 2559 MB offset 483153920
22:18:00.703 Disk 0 Partition 4 00 DD MSDOS5.0 2558 MB offset 483155968
22:18:00.703 Disk 0 scanning sectors +488394752
22:18:00.766 Disk 0 scanning C:\Windows\system32\drivers
22:18:06.272 File: C:\Windows\system32\drivers\netbt.sys **INFECTED** Win32:Aluroot-B [Rtk]
22:18:11.108 Disk 0 trace - called modules:
22:18:11.124 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
22:18:11.124 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a47ac8]
22:18:11.124 3 CLASSPNP.SYS[8a7ac8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85903030]
22:18:12.637 AVAST engine scan C:\Windows
22:18:16.444 AVAST engine scan C:\Windows\system32
22:21:39.836 AVAST engine scan C:\Windows\system32\drivers
22:21:48.416 File: C:\Windows\system32\drivers\netbt.sys **INFECTED** Win32:Aluroot-B [Rtk]
22:22:00.725 AVAST engine scan C:\Users\Owner
22:22:24.016 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
22:22:24.031 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

#12 gringo_pr

Posted 01 February 2012 - 07:14 AM

Hello


SystemLook:

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefind
    netbt.sys

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

#13 lilylee

Posted 01 February 2012 - 11:19 PM

Hello,
I ran the SystemLook. Here are the results. Thanks



SystemLook 30.07.11 by jpshortstuff
Log created at 23:12 on 01/02/2012 by Owner
Administrator - Elevation successful

========== filefind ==========

Searching for "netbt.sys"
C:\Windows\System32\drivers\netbt.sys ------- 185856 bytes [00:21 21/10/2009] [04:45 11/04/2009] 635F9E72BB66AFDDAA4DFEEDF622FF1F
C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys --a---- 184320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 7C5FEE5B1C5728507CD96FB4A13E7A02

-= EOF =-
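
The aswMBR detection and the SystemLook file listing posted above can be cross-checked mechanically to see which on-disk copies of a flagged driver are unflagged and differ by hash. This is an added example, not part of the thread or of either tool; the log lines are copied from the posts above, and the regular expressions and function names are assumptions made for this illustration.

```python
import re

# Log lines copied from the aswMBR and SystemLook output earlier in this thread.
ASWMBR_LOG = r"""
22:18:00.766 Disk 0 scanning C:\Windows\system32\drivers
22:18:06.272 File: C:\Windows\system32\drivers\netbt.sys **INFECTED** Win32:Aluroot-B [Rtk]
22:21:48.416 File: C:\Windows\system32\drivers\netbt.sys **INFECTED** Win32:Aluroot-B [Rtk]
"""
SYSTEMLOOK_LOG = r"""
Searching for "netbt.sys"
C:\Windows\System32\drivers\netbt.sys ------- 185856 bytes [00:21 21/10/2009] [04:45 11/04/2009] 635F9E72BB66AFDDAA4DFEEDF622FF1F
C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys --a---- 184320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 7C5FEE5B1C5728507CD96FB4A13E7A02
"""

# Assumed line layouts, inferred only from the samples above.
DETECTION = re.compile(r"File: (?P<path>.+?) \*\*INFECTED\*\* (?P<name>\S+)")
FILEFIND = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) [-a-z]{7} (?P<size>\d+) bytes .* (?P<md5>[0-9A-F]{32})$")

def parse_detections(log):
    """Map lower-cased path -> detection name; repeated hits collapse to one."""
    return {m["path"].lower(): m["name"] for m in DETECTION.finditer(log)}

def parse_filefind(log):
    """Return one dict per file entry in a SystemLook :filefind section."""
    out = []
    for line in log.splitlines():
        m = FILEFIND.match(line.strip())
        if m:
            out.append({"path": m["path"], "size": int(m["size"]), "md5": m["md5"]})
    return out

def replacement_candidates(detections, files):
    """For each flagged file, list same-named copies that were not flagged
    and whose MD5 differs from the flagged copy."""
    report = {}
    for f in files:
        if f["path"].lower() not in detections:
            continue  # Windows paths are case-insensitive, so compare lower-cased
        name = f["path"].rsplit("\\", 1)[-1].lower()
        report[f["path"]] = [c for c in files
                             if c["path"].lower() not in detections
                             and c["path"].rsplit("\\", 1)[-1].lower() == name
                             and c["md5"] != f["md5"]]
    return report

if __name__ == "__main__":
    found = replacement_candidates(parse_detections(ASWMBR_LOG), parse_filefind(SYSTEMLOOK_LOG))
    for path, cands in found.items():
        print(path, "->", [(c["path"], c["size"], c["md5"]) for c in cands])
```

A differing hash alone does not show tampering here: the WinSxS path carries version 6.0.6001.18000 while the aswMBR log reports Windows 6.0.6002 Service Pack 2, so the two copies may simply be different builds. It is the scanner detection on the System32 copy that marks it as suspect.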

#14 gringo_pr

Posted 01 February 2012 - 11:26 PM

Hello


I think this one is going to be hard to replace, but let's try it this way first


:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

FCopy::
C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys | C:\Windows\System32\drivers\netbt.sys

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#15 lilylee

Posted 02 February 2012 - 12:59 AM

I did what you directed. ComboFix ran for 50 minutes and I stopped it because it seemed to be running so long. It had said it should be 10-20 minutes. The previous time it ran for an hour but still no result. There was no log. Please let me know if it should run so long.

The computer does not seem to be having major problems. I got another notice that the recycle bin was corrupted and was asked whether I wanted it deleted. I agreed. There are times when it runs hard for a while for no obvious reason.

Thanks,
Lily



