Search Engine results redirected


  • This topic is locked
5 replies to this topic

#1 Jason121

Posted 28 January 2012 - 12:53 AM

Hi!
I'm using a netbook running Windows 7 Starter. Any Google searches using Chrome are redirected to a random website (abnow.com/xxxx) when I click on the search result link. I've tried numerous malware removal software (Malwarebytes and HitMan Pro 3.6) to no avail. Any help on this issue would be greatly appreciated! Thanks,
Jason

#2 boopme

Posted 28 January 2012 - 10:14 AM

Hello and welcome. Please run these now.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
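One way to triage the Hosts and Winsock sections of the Result.txt requested above, as an added example that is not part of the original post and is not MiniToolBox code. The sample report is constructed to follow the section headers and line layout the tool writes; the function names and the review heuristics (a hosts name pinned to a non-loopback address, a Winsock entry reported as "[File Not found]", a provider that is not from Microsoft) are assumptions of the example, and a finding is a line to review, not a verdict.

```python
import ipaddress
import re

# Section header as written to Result.txt, e.g.
# "========================= Hosts content: ================================="
SECTION_RE = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}\s*$")

# Winsock catalog line: catalog, index, provider file, [size or status], (vendor)
WINSOCK_RE = re.compile(
    r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[([^\]]*)\]\s+\((.*)\)\s*$")

# Constructed sample input (not taken from any real machine).
SAMPLE_REPORT = r"""
MiniToolBox by Farbar
========================= Hosts content: =================================

127.0.0.1 localhost
0.0.0.0 ads.example.test
203.0.113.7 www.example.test search.example.test

========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files\ExampleVendor\exlsp.dll [40960] (Example Vendor Ltd)

**** End of log ****
"""


def split_sections(report: str) -> dict:
    """Map lower-cased section name -> list of non-empty lines in that section."""
    sections = {}
    current = None
    for raw in report.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).strip().lower()
            sections.setdefault(current, [])
        elif current is not None and line:
            sections[current].append(line)
    return sections


def review_hosts(lines) -> list:
    """Flag names that the hosts file pins to a non-loopback address."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append(f"hosts: unparseable address in {line!r}")
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue  # localhost entry or sinkhole-style block, not a redirect
        findings.append(f"hosts: {', '.join(fields[1:])} pinned to {addr}")
    return findings


def review_winsock(lines) -> list:
    """Flag catalog entries with a missing provider file or a non-Microsoft vendor."""
    findings = []
    for line in lines:
        entry = WINSOCK_RE.match(line)
        if not entry:
            continue  # footer or unrelated text inside the section
        catalog, index, path, status, vendor = entry.groups()
        vendor = vendor.strip() or "unknown"
        if status.strip().lower() == "file not found":
            findings.append(
                f"winsock: {catalog} {index} {path}: provider file not found")
        elif vendor != "Microsoft Corporation":
            findings.append(
                f"winsock: {catalog} {index} {path}: vendor {vendor!r}")
    return findings


def triage(report: str) -> list:
    """Return review findings for the Hosts and Winsock sections of a report."""
    sections = split_sections(report)
    return (review_hosts(sections.get("hosts content", []))
            + review_winsock(sections.get("winsock entries", [])))


if __name__ == "__main__":
    for finding in triage(SAMPLE_REPORT):
        print(finding)
```
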

#3 Jason121

Posted 28 January 2012 - 11:35 AM

Thanks for your help! I tried all the recommended operations, but the virus still persists after reboot (reboots were needed after TDSSKiller and Malwarebytes). There was an error during the MinitoolBox execution complaining about missing ordinal 1108 in the WSOCK32.dll. (title) nslookup.exe - Ordinal Not Found (content) The ordinal 1108 could not be located in the dynamic link library WSOCK32.dll. Below are all the log files. Please let me know what are the next recommended steps. Thanks!

MiniToolBox Result log -

TDSSKiller Log -
***********************************

07:53:56.0266 2780 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
07:53:56.0829 2780 ============================================================
07:53:56.0829 2780 Current date / time: 2012/01/28 07:53:56.0829
07:53:56.0829 2780 SystemInfo:
07:53:56.0829 2780
07:53:56.0829 2780 OS Version: 6.1.7600 ServicePack: 0.0
07:53:56.0830 2780 Product type: Workstation
07:53:56.0830 2780 ComputerName: JASON-PC
07:53:56.0830 2780 UserName: Jason
07:53:56.0830 2780 Windows directory: C:\windows
07:53:56.0830 2780 System windows directory: C:\windows
07:53:56.0830 2780 Processor architecture: Intel x86
07:53:56.0830 2780 Number of processors: 4
07:53:56.0830 2780 Page size: 0x1000
07:53:56.0830 2780 Boot type: Normal boot
07:53:56.0830 2780 ============================================================
07:53:57.0597 2780 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:53:57.0716 2780 Initialize success
07:54:13.0258 3136 ============================================================
07:54:13.0258 3136 Scan started
07:54:13.0258 3136 Mode: Manual;
07:54:13.0258 3136 ============================================================
07:54:14.0927 3136 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
07:54:14.0933 3136 1394ohci - ok
07:54:15.0097 3136 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
07:54:15.0104 3136 ACPI - ok
07:54:15.0198 3136 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
07:54:15.0198 3136 AcpiPmi - ok
07:54:15.0338 3136 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
07:54:15.0348 3136 adp94xx - ok
07:54:15.0464 3136 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
07:54:15.0471 3136 adpahci - ok
07:54:15.0586 3136 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
07:54:15.0591 3136 adpu320 - ok
07:54:15.0761 3136 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
07:54:15.0768 3136 AFD - ok
07:54:15.0866 3136 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
07:54:15.0869 3136 agp440 - ok
07:54:15.0983 3136 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
07:54:15.0987 3136 aic78xx - ok
07:54:16.0105 3136 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
07:54:16.0107 3136 aliide - ok
07:54:16.0216 3136 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
07:54:16.0219 3136 amdagp - ok
07:54:16.0326 3136 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
07:54:16.0329 3136 amdide - ok
07:54:41.0049 3136 tdx (d705280a9fe3e718d3e1cc7ec6d4e824) C:\windows\system32\DRIVERS\tdx.sys
07:54:41.0054 3136 tdx ( Virus.Win32.ZAccess.c ) - infected
07:54:41.0054 3136 tdx - detected Virus.Win32.ZAccess.c (0)
07:54:46.0762 3136 ============================================================
07:54:46.0762 3136 Scan finished
07:54:46.0762 3136 ============================================================
07:54:46.0801 5620 Detected object count: 1
07:54:46.0801 5620 Actual detected object count: 1
07:55:56.0181 5620 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\windows\system32\drivers\tdx.sys) error 1813
07:56:01.0242 5620 Backup copy found, using it..
07:56:01.0257 5620 C:\windows\system32\DRIVERS\tdx.sys - will be cured on reboot
07:56:10.0456 5620 tdx ( Virus.Win32.ZAccess.c ) - User select action: Cure
07:58:08.0892 3572 Deinitialize success

07:54:44.0701 3136 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
07:54:44.0705 3136 WANARP - ok
07:54:44.0715 3136 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
07:54:44.0717 3136 Wanarpv6 - ok
07:54:44.0851 3136 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
07:54:44.0854 3136 Wd - ok
07:54:44.0953 3136 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\windows\system32\DRIVERS\wdcsam.sys
07:54:44.0955 3136 WDC_SAM - ok
07:54:45.0063 3136 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
07:54:45.0074 3136 Wdf01000 - ok
07:54:45.0231 3136 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
07:54:45.0234 3136 WfpLwf - ok
07:54:45.0344 3136 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
07:54:45.0347 3136 WIMMount - ok
07:54:45.0552 3136 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
07:54:45.0552 3136 WmiAcpi - ok
07:54:45.0733 3136 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
07:54:45.0738 3136 ws2ifsl - ok
07:54:45.0858 3136 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
07:54:45.0862 3136 WudfPf - ok
07:54:45.0965 3136 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
07:54:45.0970 3136 WUDFRd - ok
07:54:46.0104 3136 yukonw7 (49d10b542dacfbb0e2ebf3e59f83ef21) C:\windows\system32\DRIVERS\yk62x86.sys
07:54:46.0112 3136 yukonw7 - ok
07:54:46.0179 3136 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
07:54:46.0684 3136 \Device\Harddisk0\DR0 - ok
07:54:46.0699 3136 Boot (0x1200) (e571bb39c95b716b040b4e7fb7627df6) \Device\Harddisk0\DR0\Partition0
07:54:46.0699 3136 \Device\Harddisk0\DR0\Partition0 - ok
07:54:46.0731 3136 Boot (0x1200) (6f9a825a23cde9b82880f1df62ced4f3) \Device\Harddisk0\DR0\Partition1
07:54:46.0731 3136 \Device\Harddisk0\DR0\Partition1 - ok
07:54:46.0746 3136 Boot (0x1200) (1b220d3b4b3ab61d693771fc745a7c13) \Device\Harddisk0\DR0\Partition2
07:54:46.0762 3136 \Device\Harddisk0\DR0\Partition2 - ok
07:54:46.0762 3136 ============================================================
07:54:46.0762 3136 Scan finished
07:54:46.0762 3136 ============================================================
07:54:46.0801 5620 Detected object count: 1
07:54:46.0801 5620 Actual detected object count: 1
07:55:56.0181 5620 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\windows\system32\drivers\tdx.sys) error 1813
07:56:01.0242 5620 Backup copy found, using it..
07:56:01.0257 5620 C:\windows\system32\DRIVERS\tdx.sys - will be cured on reboot
07:56:10.0456 5620 tdx ( Virus.Win32.ZAccess.c ) - User select action: Cure
07:58:08.0892 3572 Deinitialize success
************************************************************
Malwarebytes Log -
***************************************************************

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.28.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Jason :: JASON-PC [administrator]

Protection: Disabled

1/28/2012 8:04:31 AM
mbam-log-2012-01-28 (08-04-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 173320
Time elapsed: 7 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Windows\System32\crcdisk.dll (Rootkit.0Access) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 14
C:\Windows\System32\crcdisk.dll (Rootkit.0Access) -> Delete on reboot.
C:\Windows\System32\3compxe.dll (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\System32\audstub.dll (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\System32\bits.dll (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\System32\ssm_mdfl.dll (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\System32\ZTEusbser6k.dll (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\Jason\AppData\Local\Temp\ICReinstall\PDFConverterSetup (1).exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Jason\AppData\Local\Temp\ICReinstall\PDFConverterSetup.exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Jason\Downloads\PDFConverterSetup (1).exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Jason\Downloads\PDFConverterSetup.exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Jason\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Quarantined and deleted successfully.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Quarantined and deleted successfully.

(end)
******************************
Thanks again!

#4 boopme


Posted 28 January 2012 - 08:53 PM

Sorry for the delay. Since it is back we need to move. Start a new topic named Rootkit.0Access) won't cure.

We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Copy this link to this topic into the new one.

http://www.bleepingcomputer.com/forums/topic440263.html/page__gopid__2575214#entry2575214

Let me know if that went well.

Edited by boopme, 28 January 2012 - 08:55 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 Jason121


Posted 30 January 2012 - 02:18 AM

Thanks. I created a new topic under Virus, Trojan, ... called 'Rootkit.0Access) won't cure'.
DDS log files can be found at that location.
Thanks,
Jason

#6 boopme


Posted 30 January 2012 - 10:23 AM

You're welcome!
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work, may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 5 days and ALL logs are answered.

To avoid confusion, I am closing this topic.