Spymaster Virus?


7 replies to this topic

#1 ras5888

Posted 01 February 2012 - 04:23 PM

I believe I have a spymaster virus. I have it narrowed down to the specific location but I can't delete it. I've tried putting my comp into safe mode to run Malwarebytes but it doesn't pick up on anything. And every time I try to go in manually to delete it I can't. Anyone have any ideas??

Edited by Budapest, 01 February 2012 - 04:41 PM.
Moved from Win7


#2 cryptodan

Posted 01 February 2012 - 04:37 PM

What do you mean that it doesn't pick up anything?

Is Malwarebytes updated?

#3 ras5888

Posted 01 February 2012 - 08:39 PM

Yes, I updated it yesterday, but every time I scan it doesn't pick up on the virus. I know the files the virus is in but I can't figure out how to delete them. They are in my registry. I also tried rkill, but every time it goes to scan the process gets terminated.

#4 cryptodan

Posted 01 February 2012 - 08:41 PM

Can you type out the path to the file?

#5 ras5888

Posted 01 February 2012 - 08:55 PM

REG HKLM\System\currentcontrolset\services\BTHPORT\parameters\Keys\c44619e45f60
REG HKLM\System\controlset002\services\BTHPORT\Parameter\keys\c44619e45ff60

FILE C:\windows\$ntuninstallkb14382\1548991139
FILE C:\windows\$ntuninstallkb14382\2755238935
FILE C:\windows\$ntuninstallkb14382\2755238935\Desktop.ini
FILE C:\windows\$ntuninstallkb14382\2755238935\L
FILE C:\windows\$ntuninstallkb14382\2755238935\U

This is my log from my GMER rootkit scan. These are the ones I can't get into to modify them.

#6 cryptodan

Posted 01 February 2012 - 09:06 PM

Let's try running TDSS Killer and see what it finds. PLEASE DO NOT FIX anything if prompted to. Post the log that will be stored in the C Drive.

#7 ras5888

Posted 01 February 2012 - 11:17 PM

23:10:30.0919 0940 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
23:10:31.0277 0940 ============================================================
23:10:31.0277 0940 Current date / time: 2012/02/01 23:10:31.0277
23:10:31.0277 0940 SystemInfo:
23:10:31.0277 0940
23:10:31.0277 0940 OS Version: 6.1.7600 ServicePack: 0.0
23:10:31.0277 0940 Product type: Workstation
23:10:31.0277 0940 ComputerName: MATT-PC
23:10:31.0277 0940 UserName: Matt
23:10:31.0277 0940 Windows directory: C:\Windows
23:10:31.0277 0940 System windows directory: C:\Windows
23:10:31.0277 0940 Processor architecture: Intel x86
23:10:31.0277 0940 Number of processors: 4
23:10:31.0277 0940 Page size: 0x1000
23:10:31.0277 0940 Boot type: Safe boot with network
23:10:31.0277 0940 ============================================================
23:10:31.0662 0940 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:10:31.0664 0940 \Device\Harddisk0\DR0:
23:10:31.0664 0940 MBR used
23:10:31.0664 0940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0xFDB000
23:10:31.0664 0940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xFFA800, BlocksNum 0x1C1CA800
23:10:31.0711 0940 Initialize success
23:10:31.0711 0940 ============================================================
23:10:34.0827 1964 ============================================================
23:10:34.0827 1964 Scan started
23:10:34.0827 1964 Mode: Manual;
23:10:34.0827 1964 ============================================================
23:10:47.0670 1964 STHDA (06cbb271f42ef70fb6ef372c491ba9aa) C:\Windows\system32\DRIVERS\stwrt.sys
23:10:47.0673 1964 STHDA - ok
23:10:47.0736 1964 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
23:10:47.0737 1964 swenum - ok
23:10:47.0800 1964 SynTP (cf196a45fd61118c95585489fad5b2aa) C:\Windows\system32\DRIVERS\SynTP.sys
23:10:47.0801 1964 SynTP - ok
23:10:47.0891 1964 szkg5 - ok
23:10:47.0902 1964 szkgfs - ok
23:10:47.0981 1964 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
23:10:47.0988 1964 Tcpip - ok
23:10:48.0055 1964 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
23:10:48.0062 1964 TCPIP6 - ok
23:10:48.0096 1964 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
23:10:48.0096 1964 tcpipreg - ok
23:10:48.0156 1964 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
23:10:48.0157 1964 TDPIPE - ok
23:10:48.0172 1964 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
23:10:48.0173 1964 TDTCP - ok
23:10:48.0228 1964 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
23:10:48.0228 1964 tdx - ok
23:10:48.0276 1964 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
23:10:48.0276 1964 TermDD - ok
23:10:48.0359 1964 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:10:48.0360 1964 tssecsrv - ok
23:10:48.0420 1964 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
23:10:48.0421 1964 tunnel - ok
23:10:48.0470 1964 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:10:48.0471 1964 uagp35 - ok
23:10:48.0528 1964 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\Windows\system32\DRIVERS\udfs.sys
23:10:48.0530 1964 udfs - ok
23:10:48.0586 1964 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:10:48.0587 1964 uliagpkx - ok
23:10:48.0614 1964 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
23:10:48.0615 1964 umbus - ok
23:10:48.0660 1964 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:10:48.0661 1964 UmPass - ok
23:10:48.0741 1964 usbccgp (5c233aefb566ee78c1efbc0493fb066a) C:\Windows\system32\DRIVERS\usbccgp.sys
23:10:48.0742 1964 usbccgp - ok
23:10:48.0794 1964 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
23:10:48.0795 1964 usbcir - ok
23:10:48.0853 1964 usbehci (5b71019a6aca0116fd21b368f19c0b91) C:\Windows\system32\drivers\usbehci.sys
23:10:48.0855 1964 usbehci - ok
23:10:48.0919 1964 usbhub (5823d3965c2a4f6f785ed1a3b403f3b8) C:\Windows\system32\DRIVERS\usbhub.sys
23:10:48.0921 1964 usbhub - ok
23:10:48.0981 1964 usbohci (e753ed6c49da13967ebabf9ea616454a) C:\Windows\system32\drivers\usbohci.sys
23:10:48.0981 1964 usbohci - ok
23:10:49.0043 1964 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:10:49.0044 1964 usbprint - ok
23:10:49.0111 1964 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:10:49.0111 1964 usbscan - ok
23:10:49.0175 1964 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:10:49.0175 1964 USBSTOR - ok
23:10:49.0227 1964 usbuhci (6a30928a469ce802600e1ea8c0f2f53f) C:\Windows\system32\drivers\usbuhci.sys
23:10:49.0228 1964 usbuhci - ok
23:10:49.0275 1964 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
23:10:49.0277 1964 usbvideo - ok
23:10:49.0295 1964 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:10:49.0296 1964 vdrvroot - ok
23:10:49.0404 1964 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:10:49.0404 1964 vga - ok
23:10:49.0422 1964 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:10:49.0423 1964 VgaSave - ok
23:10:49.0480 1964 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
23:10:49.0481 1964 vhdmp - ok
23:10:49.0542 1964 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
23:10:49.0543 1964 viaagp - ok
23:10:49.0586 1964 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:10:49.0587 1964 ViaC7 - ok
23:10:49.0611 1964 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
23:10:49.0611 1964 viaide - ok
23:10:49.0664 1964 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
23:10:49.0665 1964 volmgr - ok
23:10:49.0718 1964 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:10:49.0720 1964 volmgrx - ok
23:10:49.0740 1964 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
23:10:49.0741 1964 volsnap - ok
23:10:49.0781 1964 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:10:49.0782 1964 vsmraid - ok
23:10:49.0835 1964 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
23:10:49.0835 1964 vwifibus - ok
23:10:49.0890 1964 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
23:10:49.0891 1964 vwififlt - ok
23:10:49.0962 1964 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
23:10:49.0962 1964 vwifimp - ok
23:10:49.0990 1964 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:10:49.0991 1964 WacomPen - ok
23:10:50.0039 1964 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:10:50.0040 1964 WANARP - ok
23:10:50.0087 1964 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:10:50.0088 1964 Wanarpv6 - ok
23:10:50.0156 1964 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:10:50.0156 1964 Wd - ok
23:10:50.0185 1964 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:10:50.0188 1964 Wdf01000 - ok
23:10:50.0271 1964 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:10:50.0272 1964 WfpLwf - ok
23:10:50.0290 1964 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:10:50.0291 1964 WIMMount - ok
23:10:50.0399 1964 WinUSB (b5ba3cc19d00f2eba92f1cfbebb5d650) C:\Windows\system32\DRIVERS\WinUSB.sys
23:10:50.0400 1964 WinUSB - ok
23:10:50.0466 1964 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:10:50.0467 1964 WmiAcpi - ok
23:10:50.0529 1964 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:10:50.0529 1964 ws2ifsl - ok
23:10:50.0579 1964 WudfPf (a52494b107afc92ddca21f0b64f83376) C:\Windows\system32\drivers\WudfPf.sys
23:10:50.0580 1964 WudfPf - ok
23:10:50.0652 1964 WUDFRd (90a541c607da0025ae75f0f3673945fe) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:10:50.0653 1964 WUDFRd - ok
23:10:50.0726 1964 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:10:50.0765 1964 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
23:10:50.0765 1964 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
23:10:50.0802 1964 Boot (0x1200) (ad50b8a6afad6913eee1847efee911c8) \Device\Harddisk0\DR0\Partition0
23:10:50.0804 1964 \Device\Harddisk0\DR0\Partition0 - ok
23:10:50.0843 1964 Boot (0x1200) (845cb6a263e6d0d159257b16b1a3ba69) \Device\Harddisk0\DR0\Partition1
23:10:50.0844 1964 \Device\Harddisk0\DR0\Partition1 - ok
23:10:50.0845 1964 ============================================================
23:10:50.0845 1964 Scan finished
23:10:50.0845 1964 ============================================================
23:10:50.0887 1896 Detected object count: 1
23:10:50.0887 1896 Actual detected object count: 1
23:11:25.0100 1896 \Device\Harddisk0\DR0\# - copied to quarantine
23:11:25.0101 1896 \Device\Harddisk0\DR0 - copied to quarantine
23:11:25.0210 1896 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:11:25.0212 1896 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
23:11:25.0213 1896 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
23:11:25.0215 1896 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
23:11:25.0216 1896 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
23:11:25.0218 1896 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
23:11:25.0219 1896 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
23:11:25.0221 1896 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
23:11:25.0222 1896 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
23:11:25.0224 1896 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:11:25.0226 1896 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:11:25.0228 1896 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:11:25.0229 1896 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:11:25.0230 1896 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
23:11:25.0232 1896 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
23:11:25.0233 1896 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
23:11:25.0234 1896 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
23:11:25.0288 1896 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
23:11:25.0334 1896 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
23:11:25.0338 1896 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
23:11:25.0566 1896 \Device\Harddisk0\DR0\TDLFS\sant32 - copied to quarantine
23:11:25.0569 1896 \Device\Harddisk0\DR0\TDLFS\time.txt - copied to quarantine
23:11:25.0570 1896 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
23:11:25.0574 1896 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
23:11:25.0575 1896 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Quarantine



There is the full scan

#8 cryptodan

Posted 01 February 2012 - 11:28 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==. Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic.



