
Isecurity infection


17 replies to this topic

#1 KKelvin

KKelvin

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 01 February 2012 - 07:19 PM

Hello, I was infected with isecurity. It prevented me from opening anything including firefox and spybot.
I tried safe mode and ran spybot and removed it, but when I restarted it in normal it was still there. I did taskkill and a black screen popped up then disappeared. Now the isecurity icon is gone and I can open stuff, but I want to make sure I got rid of it completely. I'm running spybot again in normal mode and avg scanner. Is that enough? Do you need anything from speccy or hijackthis?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:42 PM

Posted 01 February 2012 - 08:36 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Post the clean log


Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

#3 KKelvin


Posted 01 February 2012 - 09:33 PM

Download all four and scan four times?

#4 KKelvin


Posted 01 February 2012 - 11:30 PM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.02.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Kelvin :: KELVIN-PC [administrator]

2/1/2012 9:31:54 PM
mbam-log-2012-02-01 (21-31-54).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 420722
Time elapsed: 1 hour(s), 50 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Internet Security (Trojan.FakeAlert) -> Data: C:\Users\Kelvin\AppData\Roaming\isecurity.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Users\Kelvin\AppData\Roaming\isecurity.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\6635.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\~!#2AEB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\~!#57B6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\~!#6425.tmp (Spyware.Password) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\oleda0.15959445645454262.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Local\Temp\7015.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2b0073df-7ac51aed (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Kelvin\2gweorjqjutp92vjy9gake (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Kelvin\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.

(end)

#5 narenxp


Posted 02 February 2012 - 12:09 AM

Download all tools and run a scan, post the logs

Please post the clean log for malwarebytes

Thanks

#6 KKelvin


Posted 02 February 2012 - 12:37 AM

How do I get the clean log?

#7 KKelvin


Posted 02 February 2012 - 12:39 AM

00:33:24.0553 3468 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
00:33:25.0021 3468 ============================================================
00:33:25.0021 3468 Current date / time: 2012/02/02 00:33:25.0021
00:33:25.0021 3468 SystemInfo:
00:33:25.0021 3468
00:33:25.0021 3468 OS Version: 6.0.6002 ServicePack: 2.0
00:33:25.0021 3468 Product type: Workstation
00:33:25.0021 3468 ComputerName: KELVIN-PC
00:33:25.0021 3468 UserName: Kelvin
00:33:25.0021 3468 Windows directory: C:\Windows
00:33:25.0021 3468 System windows directory: C:\Windows
00:33:25.0021 3468 Processor architecture: Intel x86
00:33:25.0021 3468 Number of processors: 2
00:33:25.0021 3468 Page size: 0x1000
00:33:25.0021 3468 Boot type: Normal boot
00:33:25.0021 3468 ============================================================
00:33:26.0176 3468 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:33:26.0176 3468 \Device\Harddisk0\DR0:
00:33:26.0176 3468 MBR used
00:33:26.0176 3468 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11294343
00:33:26.0176 3468 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x11294382, BlocksNum 0x178473F
00:33:26.0316 3468 Initialize success
00:33:26.0316 3468 ============================================================
00:34:35.0550 2336 ============================================================
00:34:35.0550 2336 Scan started
00:34:35.0550 2336 Mode: Manual; TDLFS;
00:34:35.0550 2336 ============================================================
00:34:48.0348 2336 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:34:48.0358 2336 Tcpip6 - ok
00:34:48.0416 2336 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:34:48.0464 2336 tcpipreg - ok
00:34:48.0479 2336 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:34:48.0479 2336 TDPIPE - ok
00:34:48.0510 2336 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:34:48.0510 2336 TDTCP - ok
00:34:48.0557 2336 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:34:48.0573 2336 tdx - ok
00:34:48.0604 2336 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:34:48.0604 2336 TermDD - ok
00:34:48.0682 2336 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:34:48.0682 2336 tssecsrv - ok
00:34:48.0744 2336 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:34:48.0744 2336 tunmp - ok
00:34:48.0791 2336 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:34:48.0791 2336 tunnel - ok
00:34:48.0822 2336 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:34:48.0822 2336 uagp35 - ok
00:34:48.0916 2336 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:34:48.0947 2336 udfs - ok
00:34:48.0978 2336 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:34:48.0994 2336 uliagpkx - ok
00:34:49.0010 2336 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:34:49.0025 2336 uliahci - ok
00:34:49.0056 2336 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:34:49.0072 2336 UlSata - ok
00:34:49.0119 2336 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:34:49.0134 2336 ulsata2 - ok
00:34:49.0166 2336 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:34:49.0166 2336 umbus - ok
00:34:49.0212 2336 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
00:34:49.0212 2336 USBAAPL - ok
00:34:49.0259 2336 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:34:49.0259 2336 usbccgp - ok
00:34:49.0290 2336 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:34:49.0306 2336 usbcir - ok
00:34:49.0368 2336 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:34:49.0368 2336 usbehci - ok
00:34:49.0400 2336 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:34:49.0415 2336 usbhub - ok
00:34:49.0462 2336 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
00:34:49.0493 2336 usbohci - ok
00:34:49.0602 2336 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:34:49.0602 2336 usbprint - ok
00:34:49.0696 2336 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:34:49.0727 2336 USBSTOR - ok
00:34:49.0758 2336 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:34:49.0758 2336 usbuhci - ok
00:34:49.0805 2336 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
00:34:49.0821 2336 usbvideo - ok
00:34:49.0868 2336 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:34:49.0868 2336 vga - ok
00:34:49.0914 2336 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:34:49.0946 2336 VgaSave - ok
00:34:49.0977 2336 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:34:49.0977 2336 viaagp - ok
00:34:50.0024 2336 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:34:50.0024 2336 ViaC7 - ok
00:34:50.0039 2336 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:34:50.0039 2336 viaide - ok
00:34:50.0070 2336 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:34:50.0070 2336 volmgr - ok
00:34:50.0117 2336 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:34:50.0117 2336 volmgrx - ok
00:34:50.0195 2336 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:34:50.0195 2336 volsnap - ok
00:34:50.0304 2336 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:34:50.0304 2336 vsmraid - ok
00:34:50.0601 2336 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:34:50.0601 2336 WacomPen - ok
00:34:50.0632 2336 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:50.0632 2336 Wanarp - ok
00:34:50.0648 2336 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:50.0648 2336 Wanarpv6 - ok
00:34:50.0679 2336 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:34:50.0679 2336 Wd - ok
00:34:50.0726 2336 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
00:34:50.0741 2336 Wdf01000 - ok
00:34:50.0819 2336 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
00:34:50.0835 2336 winachsf - ok
00:34:50.0897 2336 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:34:50.0897 2336 WmiAcpi - ok
00:34:50.0975 2336 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:34:50.0975 2336 WpdUsb - ok
00:34:51.0006 2336 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:34:51.0006 2336 ws2ifsl - ok
00:34:51.0069 2336 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:34:51.0069 2336 WUDFRd - ok
00:34:51.0131 2336 ygydc (e6d35f3aa51a65eb35c1f2340154a25e) C:\Windows\system32\drivers\dvvrr.sys
00:34:51.0396 2336 ygydc - ok
00:34:51.0474 2336 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
00:34:51.0599 2336 \Device\Harddisk0\DR0 - ok
00:34:51.0599 2336 Boot (0x1200) (128e3fab977ab2a451c78b4bb440f825) \Device\Harddisk0\DR0\Partition0
00:34:51.0599 2336 \Device\Harddisk0\DR0\Partition0 - ok
00:34:51.0599 2336 Boot (0x1200) (babd67f66d13c465121264a959c92dd6) \Device\Harddisk0\DR0\Partition1
00:34:51.0599 2336 \Device\Harddisk0\DR0\Partition1 - ok
00:34:51.0599 2336 ============================================================
00:34:51.0599 2336 Scan finished
00:34:51.0599 2336 ============================================================
00:34:51.0599 1496 Detected object count: 0
00:34:51.0599 1496 Actual detected object count: 0

#8 narenxp


Posted 02 February 2012 - 12:44 AM

I want you to run Malwarebytes once again to make sure that it comes out clean.

Post the GMER and aswMBR logs too.

Good luck

#9 KKelvin


Posted 03 February 2012 - 12:28 AM

I will, but it will take some time. It's definitely still there though; I had to taskkill it again in order to get internet access.

#10 KKelvin


Posted 03 February 2012 - 01:20 AM

So here is the aswMBR log:

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-03 00:47:55
-----------------------------
00:47:55.308 OS Version: Windows 6.0.6002 Service Pack 2
00:47:55.308 Number of processors: 2 586 0xF0D
00:47:55.308 ComputerName: KELVIN-PC UserName: Kelvin
00:47:55.807 Initialize success
00:48:05.323 AVAST engine defs: 12020202
00:48:08.381 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
00:48:08.381 Disk 0 Vendor: WDC_WD16 12.0 Size: 152627MB BusType: 3
00:48:08.381 Disk 0 MBR read successfully
00:48:08.381 Disk 0 MBR scan
00:48:08.397 Disk 0 unknown MBR code
00:48:08.397 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 140584 MB offset 63
00:48:08.428 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12040 MB offset 287916930
00:48:08.459 Disk 0 scanning sectors +312576705
00:48:08.521 Disk 0 scanning C:\Windows\system32\drivers
00:48:20.222 Service scanning
00:48:23.622 Modules scanning
00:48:26.212 Disk 0 trace - called modules:
00:48:26.243 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
00:48:26.243 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ceb780]
00:48:26.259 3 CLASSPNP.SYS[887a98b3] -> nt!IofCallDriver -> [0x8520ecb8]
00:48:26.290 5 acpi.sys[806916bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8520d028]
00:48:27.257 AVAST engine scan C:\Windows
00:48:29.784 AVAST engine scan C:\Windows\system32
00:51:46.736 AVAST engine scan C:\Windows\system32\drivers
00:52:02.367 AVAST engine scan C:\Users\Kelvin
00:59:44.270 AVAST engine scan C:\ProgramData
01:01:43.861 File: C:\ProgramData\Microsoft\Windows\DRM\31CB.tmp **INFECTED** Win32:Malware-gen
01:03:39.723 Disk 0 MBR has been saved successfully to "C:\Users\Kelvin\Desktop\MBR.dat"
01:03:39.723 The log file has been saved successfully to "C:\Users\Kelvin\Desktop\aswMBR.txt"


Should I have clicked fixmbr?

#11 KKelvin


Posted 03 February 2012 - 01:22 AM

I keep getting this blue screen and it restarts my computer when I use GMER. And when I try GMER in safe mode, it shows some message about GMER not being able to work correctly and restarts.

#12 narenxp


Posted 03 February 2012 - 04:18 AM

I want you to post the Malwarebytes clean log, and remove the isecurity icons (if present) manually.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan gets completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, if it warns about infection, let me know.

#13 KKelvin


Posted 03 February 2012 - 06:43 AM

ok

Edited by KKelvin, 03 February 2012 - 06:49 AM.


#14 KKelvin


Posted 03 February 2012 - 11:09 PM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.02.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Kelvin :: KELVIN-PC [administrator]

2/3/2012 6:50:11 AM
mbam-log-2012-02-03 (06-50-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 421060
Time elapsed: 1 hour(s), 35 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 narenxp


Posted 04 February 2012 - 07:51 AM

ESET online scanner and fixtdss?



