Executables Issue? Please Help


17 replies to this topic

#1 Jokerz Wild

Jokerz Wild

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 04 February 2012 - 09:59 AM

I was downloading a program and I believe I got hijacked. All of my Internet files and executable files will not open. They get a security scan and then nothing happens. Please help.

Thanks

Edited by Orange Blossom, 05 February 2012 - 12:56 AM.
Moved to AII for initial assistance. ~ OB




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:41 AM

Posted 09 February 2012 - 04:56 PM

Please download exeHelper to your desktop.

http://www.raktor.net/exeHelper/exeHelper.com

Double-click on exeHelper.com to run the fix.

A black window should pop up, press any key to close once the fix is completed.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Post the clean log


Download

TDSSkiller

Launch it. Click on Change parameters - Select TDLFS file system

Click on "Scan". Please post the log report

#3 Jokerz Wild


Posted 09 February 2012 - 07:42 PM

First off, thanks for helping me. Here is what I have done so far. I am also following your steps. I ran exeHelper. It ran, however I am still unable to run .exe files. The only way for me to run Malwarebytes is through the Chameleon way. I tried to download TDSSKiller.exe, however it will not run. I was able to run SUPERAntiSpyware and it found some files, however every time I try to clean them they keep coming back. I have to run the installer version of SAS so it will scan immediately. I am unable to enter regedit.exe. I am running Malware scan now and will have the log when it's done. Thanks again

#4 Jokerz Wild


Posted 09 February 2012 - 08:48 PM

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.09.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laptop :: LAPTOP-PC [administrator]

Protection: Enabled

2/9/2012 6:34:56 PM
mbam-log-2012-02-09 (18-34-56).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 355694
Time elapsed: 1 hour(s), 12 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 narenxp


Posted 09 February 2012 - 11:35 PM

What happens when you launch EXE files?

Can you launch them in Safe Mode?

If you can launch EXE files

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#6 Jokerz Wild


Posted 10 February 2012 - 10:26 AM

When I try to execute programs another window opens up. It shows the view downloads screen with run and save options. When you click run it appears Windows begins running the program, however it is immediately halted because of this program. Neither of the other links you gave me will run after downloading them.

#7 Jokerz Wild


Posted 10 February 2012 - 11:51 AM

I have tried to run Safe Mode and install and the same thing happens. Runs Security scan and quickly opens and closes a window after you say run

#8 narenxp


Posted 11 February 2012 - 12:16 AM

I want you to DISABLE your antivirus and try downloading them

If that doesn't work, copy the tools from a clean PC to an infected PC and run it.

Good luck

#9 Jokerz Wild


Posted 11 February 2012 - 11:22 AM

I have all the programs located on the desktop. Every time I try to run the program it doesn't run

#10 narenxp


Posted 11 February 2012 - 11:26 AM

EDIT..

Edited by narenxp, 11 February 2012 - 05:55 PM.


#11 Jokerz Wild


Posted 11 February 2012 - 03:24 PM

Ok. Here is what I did. I created a new user as Test with Admin authorization and all of my programs are working. I am sure the crap is still in the computer which is affecting my primary account for windows. Since this new information please direct me on how to resolve this. I am able to run any program perfectly fine with another user on this computer.

#12 narenxp


Posted 11 February 2012 - 05:56 PM

OK, can you run the following tools

TDSSKiller, aswMBR and ESET online scanner as instructed before and post the logs

#13 Jokerz Wild


Posted 11 February 2012 - 07:40 PM

18:38:15.0607 2816 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
18:38:15.0925 2816 ============================================================
18:38:15.0925 2816 Current date / time: 2012/02/11 18:38:15.0925
18:38:15.0925 2816 SystemInfo:
18:38:15.0925 2816
18:38:15.0925 2816 OS Version: 6.1.7601 ServicePack: 1.0
18:38:15.0925 2816 Product type: Workstation
18:38:15.0926 2816 ComputerName: LAPTOP-PC
18:38:15.0926 2816 UserName: test
18:38:15.0926 2816 Windows directory: C:\windows
18:38:15.0926 2816 System windows directory: C:\windows
18:38:15.0926 2816 Running under WOW64
18:38:15.0926 2816 Processor architecture: Intel x64
18:38:15.0926 2816 Number of processors: 2
18:38:15.0926 2816 Page size: 0x1000
18:38:15.0926 2816 Boot type: Normal boot
18:38:15.0926 2816 ============================================================
18:38:17.0781 2816 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:17.0811 2816 Drive \Device\Harddisk1\DR1 - Size: 0xE8C4BA0000 (931.07 Gb), SectorSize: 0x200, Cylinders: 0x1DAC7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:38:17.0816 2816 \Device\Harddisk0\DR0:
18:38:17.0816 2816 MBR used
18:38:17.0816 2816 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F0F800
18:38:17.0817 2816 \Device\Harddisk1\DR1:
18:38:17.0818 2816 MBR used
18:38:17.0818 2816 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x746221C8
18:38:17.0859 2816 Initialize success
18:38:17.0859 2816 ============================================================
18:38:38.0222 5384 ============================================================
18:38:38.0223 5384 Scan started
18:38:38.0223 5384 Mode: Manual;
18:38:38.0223 5384 ============================================================
18:39:00.0477 5384 sffp_mmc - ok
18:39:00.0504 5384 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
18:39:00.0506 5384 sffp_sd - ok
18:39:00.0589 5384 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
18:39:00.0591 5384 sfloppy - ok
18:39:00.0701 5384 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
18:39:00.0704 5384 SiSRaid2 - ok
18:39:00.0718 5384 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
18:39:00.0723 5384 SiSRaid4 - ok
18:39:00.0828 5384 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
18:39:00.0832 5384 Smb - ok
18:39:00.0931 5384 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
18:39:00.0933 5384 spldr - ok
18:39:00.0997 5384 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
18:39:01.0004 5384 srv - ok
18:39:01.0096 5384 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
18:39:01.0106 5384 srv2 - ok
18:39:01.0203 5384 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
18:39:01.0208 5384 srvnet - ok
18:39:01.0315 5384 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
18:39:01.0317 5384 stexstor - ok
18:39:01.0425 5384 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
18:39:01.0427 5384 swenum - ok
18:39:01.0550 5384 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys
18:39:01.0557 5384 SynTP - ok
18:39:01.0759 5384 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
18:39:01.0785 5384 Tcpip - ok
18:39:01.0995 5384 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
18:39:02.0008 5384 TCPIP6 - ok
18:39:02.0130 5384 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
18:39:02.0133 5384 tcpipreg - ok
18:39:02.0235 5384 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
18:39:02.0237 5384 tdcmdpst - ok
18:39:02.0331 5384 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
18:39:02.0333 5384 TDPIPE - ok
18:39:02.0346 5384 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
18:39:02.0349 5384 TDTCP - ok
18:39:02.0398 5384 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
18:39:02.0400 5384 tdx - ok
18:39:02.0494 5384 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
18:39:02.0497 5384 TermDD - ok
18:39:02.0679 5384 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
18:39:02.0690 5384 tos_sps64 - ok
18:39:02.0814 5384 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
18:39:02.0817 5384 tssecsrv - ok
18:39:02.0930 5384 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
18:39:02.0933 5384 TsUsbFlt - ok
18:39:03.0054 5384 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
18:39:03.0058 5384 tunnel - ok
18:39:03.0159 5384 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
18:39:03.0162 5384 TVALZ - ok
18:39:03.0250 5384 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
18:39:03.0252 5384 TVALZFL - ok
18:39:03.0347 5384 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
18:39:03.0350 5384 uagp35 - ok
18:39:03.0402 5384 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
18:39:03.0409 5384 udfs - ok
18:39:03.0528 5384 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
18:39:03.0531 5384 uliagpkx - ok
18:39:03.0659 5384 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
18:39:03.0662 5384 umbus - ok
18:39:03.0700 5384 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
18:39:03.0702 5384 UmPass - ok
18:39:03.0842 5384 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
18:39:03.0868 5384 usbccgp - ok
18:39:03.0928 5384 USBCCID - ok
18:39:04.0042 5384 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
18:39:04.0045 5384 usbcir - ok
18:39:04.0071 5384 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
18:39:04.0074 5384 usbehci - ok
18:39:04.0199 5384 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
18:39:04.0208 5384 usbhub - ok
18:39:04.0311 5384 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
18:39:04.0313 5384 usbohci - ok
18:39:04.0402 5384 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
18:39:04.0405 5384 usbprint - ok
18:39:04.0508 5384 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
18:39:04.0511 5384 usbscan - ok
18:39:04.0634 5384 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
18:39:04.0660 5384 USBSTOR - ok
18:39:04.0770 5384 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
18:39:04.0772 5384 usbuhci - ok
18:39:04.0898 5384 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
18:39:04.0904 5384 usbvideo - ok
18:39:05.0009 5384 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\windows\system32\DRIVERS\usb8023x.sys
18:39:05.0011 5384 usb_rndisx - ok
18:39:05.0125 5384 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
18:39:05.0128 5384 vdrvroot - ok
18:39:05.0175 5384 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
18:39:05.0177 5384 vga - ok
18:39:05.0257 5384 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
18:39:05.0260 5384 VgaSave - ok
18:39:05.0320 5384 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
18:39:05.0325 5384 vhdmp - ok
18:39:05.0430 5384 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
18:39:05.0432 5384 viaide - ok
18:39:05.0529 5384 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
18:39:05.0533 5384 volmgr - ok
18:39:05.0639 5384 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
18:39:05.0648 5384 volmgrx - ok
18:39:05.0771 5384 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
18:39:05.0779 5384 volsnap - ok
18:39:05.0892 5384 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
18:39:05.0897 5384 vsmraid - ok
18:39:05.0977 5384 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
18:39:05.0980 5384 vwifibus - ok
18:39:06.0076 5384 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
18:39:06.0078 5384 vwififlt - ok
18:39:06.0196 5384 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
18:39:06.0198 5384 vwifimp - ok
18:39:06.0292 5384 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
18:39:06.0294 5384 WacomPen - ok
18:39:06.0424 5384 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
18:39:06.0428 5384 WANARP - ok
18:39:06.0443 5384 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
18:39:06.0445 5384 Wanarpv6 - ok
18:39:06.0553 5384 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
18:39:06.0556 5384 Wd - ok
18:39:06.0654 5384 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
18:39:06.0669 5384 Wdf01000 - ok
18:39:06.0804 5384 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
18:39:06.0806 5384 WfpLwf - ok
18:39:06.0898 5384 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
18:39:06.0900 5384 WIMMount - ok
18:39:07.0055 5384 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
18:39:07.0058 5384 WinUsb - ok
18:39:07.0158 5384 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
18:39:07.0160 5384 WmiAcpi - ok
18:39:07.0292 5384 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
18:39:07.0294 5384 ws2ifsl - ok
18:39:07.0415 5384 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
18:39:07.0419 5384 WudfPf - ok
18:39:07.0531 5384 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
18:39:07.0536 5384 WUDFRd - ok
18:39:07.0600 5384 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
18:39:07.0669 5384 \Device\Harddisk0\DR0 - ok
18:39:07.0705 5384 Boot (0x1200) (608061466d79693bb9272ae633cf1c64) \Device\Harddisk0\DR0\Partition0
18:39:07.0707 5384 \Device\Harddisk0\DR0\Partition0 - ok
18:39:07.0714 5384 ============================================================
18:39:07.0714 5384 Scan finished
18:39:07.0714 5384 ============================================================
18:39:07.0729 4788 Detected object count: 0
18:39:07.0729 4788 Actual detected object count: 0

#14 Jokerz Wild

Jokerz Wild
  • Topic Starter

  • Members
  • 24 posts

Posted 11 February 2012 - 07:56 PM

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-11 18:43:07
-----------------------------
18:43:07.325 OS Version: Windows x64 6.1.7601 Service Pack 1
18:43:07.325 Number of processors: 2 586 0x602
18:43:07.326 ComputerName: LAPTOP-PC UserName: test
18:43:08.597 Initialize success
18:43:14.230 AVAST engine defs: 12021101
18:43:40.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:43:40.740 Disk 0 Vendor: TOSHIBA_MK3263GSXN GC002M Size: 305245MB BusType: 11
18:43:40.786 Disk 0 MBR read successfully
18:43:40.793 Disk 0 MBR scan
18:43:40.806 Disk 0 Windows VISTA default MBR code
18:43:40.821 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:43:40.845 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 294431 MB offset 3074048
18:43:40.893 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9313 MB offset 606068736
18:43:40.910 Service scanning
18:43:41.742 Service MpNWMon C:\windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
18:43:42.373 Modules scanning
18:43:42.384 Disk 0 trace - called modules:
18:43:42.429 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:43:42.445 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a95060]
18:43:42.458 3 CLASSPNP.SYS[fffff880016ae43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004627060]
18:43:43.301 AVAST engine scan C:\windows
18:43:49.047 AVAST engine scan C:\windows\system32
18:49:08.170 AVAST engine scan C:\windows\system32\drivers
18:49:28.018 AVAST engine scan C:\Users\test
18:50:21.892 AVAST engine scan C:\ProgramData
18:52:58.773 Scan finished successfully
18:54:32.731 Disk 0 MBR has been saved successfully to "C:\Users\test\Desktop\MBR.dat"
18:54:32.779 The log file has been saved successfully to "C:\Users\test\Desktop\aswMBR.txt"
18:54:59.268 Disk 0 MBR has been saved successfully to "C:\Users\test\Desktop\MBR.dat"
18:54:59.274 The log file has been saved successfully to "C:\Users\test\Desktop\aswMBR.txt"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 11 February 2012 - 09:01 PM

Download

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

Double click MBRCheck.exe

It will show a black screen with some information, which will contain the line below if no problem is found:

Press ENTER to exit...

Or you will see more information like below if a problem is found:

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Just choose to exit the program at this point, since we want to see only the scan results to begin with.
MBRCheck will create a log on the desktop. Post the log result.



