Search results returning unwanted links


5 replies to this topic

#1 bottleneck


Posted 28 January 2012 - 01:29 AM

Hi,

I'm running Windows Vista Home Premium (64 bit). Any Google search I make takes me to links that don't go where they are supposed to go. For example, when I click a link I get taken to some weird website (like yellow pages or something totally random). I have no idea what could be causing this...

Thank you in advance!



#2 narenxp


Posted 28 January 2012 - 01:47 AM

Download Malwarebytes

Install, update and run a FULL SCAN

Remove infections and post the clean log

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Good luck

Edited by narenxp, 28 January 2012 - 01:49 AM.


#3 bottleneck


Posted 28 January 2012 - 02:23 PM

Hi narenxp,

Below are the logs you requested. I wanted to let you know that upon trying to scan using aswMBR in normal mode, the scan would proceed for a few minutes and detect some infections before flashing (for maybe a half second) the Blue Screen of Death, then restarting the system. That happened three times before I decided to do the scan in Safe Mode, which seems to have worked (the scan successfully completed as you will see below).

Thanks.


Begin logs:


::::::::::::: Malwarebytes log:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.28.02

Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
David :: DAVID-PC [administrator]

1/27/2012 11:57:42 PM
mbam-log-2012-01-27 (23-57-42).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 579246
Time elapsed: 1 hour(s), 11 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Quarantined and deleted successfully.

(end)



:::::::::::::::: TDSSkiller log:

01:21:46.0214 3248 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
01:21:47.0805 3248 ============================================================
01:21:47.0805 3248 Current date / time: 2012/01/28 01:21:47.0805
01:21:47.0805 3248 SystemInfo:
01:21:47.0805 3248
01:21:47.0805 3248 OS Version: 6.0.6001 ServicePack: 1.0
01:21:47.0805 3248 Product type: Workstation
01:21:47.0805 3248 ComputerName: DAVID-PC
01:21:47.0805 3248 UserName: David
01:21:47.0805 3248 Windows directory: C:\Windows
01:21:47.0805 3248 System windows directory: C:\Windows
01:21:47.0805 3248 Running under WOW64
01:21:47.0805 3248 Processor architecture: Intel x64
01:21:47.0805 3248 Number of processors: 2
01:21:47.0805 3248 Page size: 0x1000
01:21:47.0805 3248 Boot type: Normal boot
01:21:47.0805 3248 ============================================================
01:21:48.0351 3248 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:21:48.0507 3248 Initialize success
01:22:00.0831 3388 ============================================================
01:22:00.0831 3388 Scan started
01:22:00.0831 3388 Mode: Manual; TDLFS;
01:22:00.0831 3388 ============================================================
01:22:58.0006 3388 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
01:22:58.0021 3388 volmgrx - ok
01:22:58.0255 3388 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
01:22:58.0271 3388 volsnap - ok
01:22:58.0396 3388 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
01:22:58.0396 3388 vpnva - ok
01:22:58.0911 3388 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
01:22:58.0911 3388 vsmraid - ok
01:22:58.0942 3388 vstor2-mntapi10-shared - ok
01:22:59.0035 3388 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
01:22:59.0035 3388 WacomPen - ok
01:22:59.0129 3388 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
01:22:59.0129 3388 Wanarp - ok
01:22:59.0129 3388 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
01:22:59.0129 3388 Wanarpv6 - ok
01:22:59.0628 3388 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
01:22:59.0628 3388 Wd - ok
01:22:59.0769 3388 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
01:22:59.0815 3388 Wdf01000 - ok
01:23:00.0003 3388 WmiAcpi (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\DRIVERS\wmiacpi.sys
01:23:00.0003 3388 WmiAcpi - ok
01:23:00.0455 3388 WpdUsb (6329d1990db931073b86ab5946d8e317) C:\Windows\system32\DRIVERS\wpdusb.sys
01:23:00.0455 3388 WpdUsb - ok
01:23:00.0642 3388 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
01:23:00.0642 3388 ws2ifsl - ok
01:23:00.0798 3388 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:23:00.0798 3388 WUDFRd - ok
01:23:00.0876 3388 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
01:23:02.0655 3388 \Device\Harddisk0\DR0 - ok
01:23:02.0686 3388 Boot (0x1200) (064977206f2bb5b152d4ddffd7056478) \Device\Harddisk0\DR0\Partition0
01:23:02.0686 3388 \Device\Harddisk0\DR0\Partition0 - ok
01:23:02.0764 3388 Boot (0x1200) (36444167d4d8e947e0a4fd49f2892306) \Device\Harddisk0\DR0\Partition1
01:23:02.0779 3388 \Device\Harddisk0\DR0\Partition1 - ok
01:23:02.0779 3388 ============================================================
01:23:02.0779 3388 Scan finished
01:23:02.0779 3388 ============================================================
01:23:02.0779 3380 Detected object count: 0
01:23:02.0779 3380 Actual detected object count: 0




:::::::::::::::: aswMBR log:

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-01-28 01:40:25
-----------------------------
01:40:25.733 OS Version: Windows x64 6.0.6001 Service Pack 1
01:40:25.733 Number of processors: 2 586 0x170A
01:40:25.733 ComputerName: DAVID-PC UserName: David
01:40:29.571 Initialize success
01:41:02.315 AVAST engine defs: 12012701
01:41:05.123 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:41:05.123 Disk 0 Vendor: WDC_WD3200BEVT-75ZCT2 11.01A11 Size: 305245MB BusType: 3
01:41:05.154 Disk 0 MBR read successfully
01:41:05.154 Disk 0 MBR scan
01:41:05.154 Disk 0 Windows VISTA default MBR code
01:41:05.170 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
01:41:05.232 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 80325
01:41:05.295 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290205 MB offset 30800325
01:41:05.295 Service scanning
01:41:09.398 Service Tcpip C:\Windows\System32\drivers\tcpip.sys **LOCKED** 32
01:41:09.398 Service Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys **LOCKED** 32
01:41:10.614 Modules scanning
01:41:10.614 Disk 0 trace - called modules:
01:41:10.630 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
01:41:10.646 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800661a060]
01:41:10.646 3 CLASSPNP.SYS[fffffa6000dc4b3a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80063af940]
01:41:18.680 AVAST engine scan C:\Windows
01:41:23.453 AVAST engine scan C:\Windows\system32
01:41:33.578 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
01:42:54.651 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
01:43:01.187 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
01:44:36.488 File: C:\Windows\assembly\temp\U\80000004.@ **INFECTED** Win64:ZAccess-A [Trj]
01:44:36.550 File: C:\Windows\assembly\temp\U\80000032.@ **INFECTED** Win32:DNSChanger-VJ [Trj]
01:44:38.921 AVAST engine scan C:\Windows\system32\drivers
01:44:49.763 AVAST engine scan C:\Users\David
02:15:25.415 AVAST engine scan C:\ProgramData
02:17:09.124 Scan finished successfully
12:18:25.185 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
12:18:25.185 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"

#4 narenxp


Posted 28 January 2012 - 08:58 PM

PC is infected by the ZeroAccess rootkit, which needs advanced tools

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 bottleneck


Posted 28 January 2012 - 10:19 PM

Oh my... I just read up on this rootkit and oh am I in trouble...

I have created a new topic in that forum.

Thank you for helping me narenxp.

#6 narenxp


Posted 28 January 2012 - 10:48 PM

You're welcome :)



