Spooldrs.sys



#1 cartong


Posted 06 February 2012 - 10:40 PM

My computer keeps getting the blue screen. When I restart it, it says that it recovered from a serious error. When I sent an error report, Microsoft told me that I had malware, Spooldrs.sys. I tried to run dds.scr and it says "Windows command processor has encountered a problem and needs to close". Then it kept turning on by itself and crashing. I was able to run GMER and I attached the file. I ran Microsoft Security Essentials and it didn't find anything. I can't figure out how to fix it. Thanks.

Attached Files

  • Attached File  ark.txt   16.03KB   7 downloads



#2 nasdaq

  • Malware Response Team

Posted 07 February 2012 - 10:17 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) (511KB) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please run the DDS tool again and post the log if you can.

#3 cartong


Posted 07 February 2012 - 02:52 PM

Ran TDSS and here is the log. I had to run it twice. The first time it didn't catch anything. I expanded the criteria and it found 6 suspicious files.


11:49:58.0453 1692 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
11:50:00.0593 1692 ============================================================
11:50:00.0593 1692 Current date / time: 2012/02/07 11:50:00.0593
11:50:00.0593 1692 SystemInfo:
11:50:00.0593 1692
11:50:00.0593 1692 OS Version: 5.1.2600 ServicePack: 3.0
11:50:00.0593 1692 Product type: Workstation
11:50:00.0593 1692 ComputerName: HP520W
11:50:00.0609 1692 UserName: Owner
11:50:00.0609 1692 Windows directory: C:\WINDOWS
11:50:00.0609 1692 System windows directory: C:\WINDOWS
11:50:00.0609 1692 Processor architecture: Intel x86
11:50:00.0609 1692 Number of processors: 1
11:50:00.0609 1692 Page size: 0x1000
11:50:00.0609 1692 Boot type: Normal boot
11:50:00.0609 1692 ============================================================
11:50:17.0500 1692 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1431, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:50:17.0593 1692 Drive \Device\Harddisk1\DR1 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x295B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:50:17.0921 1692 Drive \Device\Harddisk2\DR4 - Size: 0x4A5BF00000 (297.44 Gb), SectorSize: 0x200, Cylinders: 0x97AB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:50:17.0921 1692 \Device\Harddisk0\DR0:
11:50:18.0250 1692 MBR used
11:50:18.0250 1692 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
11:50:18.0250 1692 \Device\Harddisk1\DR1:
11:50:18.0328 1692 MBR used
11:50:18.0328 1692 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x75300B1
11:50:18.0328 1692 \Device\Harddisk2\DR4:
11:50:18.0343 1692 MBR used
11:50:18.0343 1692 \Device\Harddisk2\DR4\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x252DF000
11:50:18.0875 1692 Initialize success
11:50:18.0875 1692 ============================================================
11:50:23.0750 3296 ============================================================
11:50:23.0750 3296 Scan started
11:50:23.0750 3296 Mode: Manual;
11:50:23.0750 3296 ============================================================
11:50:27.0312 3296 Abiosdsk - ok
11:50:27.0625 3296 abp480n5 - ok
11:50:28.0000 3296 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
11:50:28.0031 3296 ac97intc - ok
11:50:28.0703 3296 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:50:28.0750 3296 ACPI - ok
11:50:29.0250 3296 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:50:29.0296 3296 ACPIEC - ok
11:50:29.0625 3296 adpu160m - ok
11:50:29.0937 3296 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:50:30.0000 3296 aec - ok
11:50:30.0671 3296 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:50:30.0718 3296 AFD - ok
11:50:31.0046 3296 Aha154x - ok
11:50:31.0406 3296 aic78u2 - ok
11:50:31.0703 3296 aic78xx - ok
11:50:32.0093 3296 AliIde - ok
11:50:32.0531 3296 amsint - ok
11:50:32.0953 3296 asc - ok
11:50:33.0218 3296 asc3350p - ok
11:50:33.0734 3296 asc3550 - ok
11:50:34.0171 3296 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
11:50:34.0187 3296 Aspi32 - ok
11:50:34.0781 3296 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:50:34.0828 3296 AsyncMac - ok
11:50:35.0703 3296 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:50:35.0703 3296 atapi - ok
11:50:36.0328 3296 Atdisk - ok
11:50:36.0859 3296 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:50:37.0750 3296 Atmarpc - ok
11:50:38.0281 3296 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:50:38.0375 3296 audstub - ok
11:50:39.0031 3296 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:50:39.0062 3296 Beep - ok
11:50:39.0593 3296 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:50:39.0640 3296 cbidf2k - ok
11:50:40.0296 3296 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:50:40.0296 3296 CCDECODE - ok
11:50:40.0906 3296 cd20xrnt - ok
11:50:41.0203 3296 CdaD10BA (841cefab8228ee691705d059e7f21c47) C:\WINDOWS\system32\drivers\CdaD10BA.SYS
11:50:41.0203 3296 CdaD10BA - ok
11:50:41.0468 3296 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:50:41.0484 3296 Cdaudio - ok
11:50:42.0218 3296 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:50:42.0781 3296 Cdfs - ok
11:50:43.0781 3296 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:50:43.0796 3296 Cdrom - ok
11:50:44.0187 3296 Changer - ok
11:50:44.0453 3296 CmdIde - ok
11:50:44.0890 3296 Cpqarray - ok
11:50:45.0250 3296 dac2w2k - ok
11:50:45.0515 3296 dac960nt - ok
11:50:46.0031 3296 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:50:46.0046 3296 Disk - ok
11:50:46.0781 3296 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
11:50:47.0343 3296 dmboot - ok
11:50:47.0921 3296 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
11:50:48.0031 3296 dmio - ok
11:50:48.0406 3296 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:50:48.0562 3296 dmload - ok
11:50:49.0156 3296 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:50:49.0203 3296 DMusic - ok
11:50:49.0531 3296 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS
11:50:49.0593 3296 DNINDIS5 - ok
11:50:50.0109 3296 dpti2o - ok
11:50:50.0437 3296 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:50:50.0453 3296 drmkaud - ok
11:50:50.0734 3296 eeCtrl - ok
11:50:51.0375 3296 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:50:51.0421 3296 Fastfat - ok
11:50:51.0968 3296 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:50:51.0984 3296 Fdc - ok
11:50:52.0281 3296 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
11:50:52.0312 3296 Fips - ok
11:50:52.0656 3296 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:50:52.0656 3296 Flpydisk - ok
11:50:53.0187 3296 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:50:53.0218 3296 FltMgr - ok
11:50:53.0687 3296 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:50:53.0718 3296 fssfltr - ok
11:50:54.0234 3296 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:50:54.0250 3296 Fs_Rec - ok
11:50:54.0562 3296 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:50:54.0625 3296 Ftdisk - ok
11:50:55.0265 3296 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
11:50:55.0281 3296 gameenum - ok
11:50:55.0671 3296 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:50:55.0687 3296 GEARAspiWDM - ok
11:50:56.0265 3296 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:50:56.0281 3296 Gpc - ok
11:50:56.0718 3296 gsplittm - ok
11:50:57.0328 3296 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:50:57.0406 3296 HidUsb - ok
11:50:57.0718 3296 hpn - ok
11:50:58.0125 3296 HPZid412 (287a63bd8509bd78e7978823b38afa81) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:50:58.0140 3296 HPZid412 - ok
11:50:58.0500 3296 HPZipr12 (0b4fda2657c3e0315eaa57f9c6d4fd1f) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:50:58.0500 3296 HPZipr12 - ok
11:50:59.0031 3296 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:50:59.0031 3296 HPZius12 - ok
11:50:59.0515 3296 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:50:59.0656 3296 HTTP - ok
11:51:00.0078 3296 i2omgmt - ok
11:51:00.0343 3296 i2omp - ok
11:51:00.0687 3296 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:51:00.0750 3296 i8042prt - ok
11:51:01.0312 3296 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
11:51:01.0390 3296 i81x - ok
11:51:01.0843 3296 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
11:51:01.0843 3296 iAimFP0 - ok
11:51:02.0296 3296 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
11:51:02.0375 3296 iAimFP1 - ok
11:51:02.0781 3296 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
11:51:02.0812 3296 iAimFP2 - ok
11:51:03.0328 3296 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
11:51:03.0343 3296 iAimFP3 - ok
11:51:03.0687 3296 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
11:51:03.0718 3296 iAimFP4 - ok
11:51:04.0265 3296 iAimFP5 (0308aef61941e4af478fa1a0f83812f5) C:\WINDOWS\system32\DRIVERS\wADV07nt.sys
11:51:04.0281 3296 iAimFP5 - ok
11:51:04.0765 3296 iAimFP6 (714038a8aa5de08e12062202cd7eaeb5) C:\WINDOWS\system32\DRIVERS\wADV08nt.sys
11:51:04.0796 3296 iAimFP6 - ok
11:51:05.0328 3296 iAimFP7 (7bb3aa595e4507a788de1cdc63f4c8c4) C:\WINDOWS\system32\DRIVERS\wADV09nt.sys
11:51:05.0343 3296 iAimFP7 - ok
11:51:05.0796 3296 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
11:51:05.0796 3296 iAimTV0 - ok
11:51:06.0312 3296 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
11:51:06.0312 3296 iAimTV1 - ok
11:51:06.0781 3296 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
11:51:06.0812 3296 iAimTV3 - ok
11:51:07.0343 3296 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
11:51:07.0359 3296 iAimTV4 - ok
11:51:07.0796 3296 iAimTV5 (791cc45de6e50445be72e8ad6401ff45) C:\WINDOWS\system32\DRIVERS\wATV10nt.sys
11:51:07.0796 3296 iAimTV5 - ok
11:51:08.0343 3296 iAimTV6 (352fa0e98bc461ce1ce5d41f64db558d) C:\WINDOWS\system32\DRIVERS\wATV06nt.sys
11:51:08.0375 3296 iAimTV6 - ok
11:51:08.0875 3296 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:51:08.0890 3296 Imapi - ok
11:51:09.0343 3296 ini910u - ok
11:51:09.0796 3296 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:51:09.0812 3296 IntelIde - ok
11:51:10.0203 3296 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:51:10.0218 3296 Ip6Fw - ok
11:51:10.0625 3296 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:51:10.0640 3296 IpFilterDriver - ok
11:51:10.0984 3296 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:51:11.0015 3296 IpInIp - ok
11:51:11.0453 3296 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:51:11.0531 3296 IpNat - ok
11:51:11.0890 3296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:51:11.0906 3296 IPSec - ok
11:51:12.0328 3296 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:51:12.0375 3296 IRENUM - ok
11:51:12.0921 3296 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:51:12.0937 3296 isapnp - ok
11:51:13.0265 3296 ivusb - ok
11:51:14.0015 3296 JSWSCIMD (ad67795900aa8c05cc4570f5349e0639) C:\WINDOWS\system32\DRIVERS\jswscimd.sys
11:51:14.0031 3296 JSWSCIMD - ok
11:51:14.0421 3296 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:51:14.0453 3296 Kbdclass - ok
11:51:14.0875 3296 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:51:14.0875 3296 kbdhid - ok
11:51:15.0531 3296 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:51:15.0609 3296 kmixer - ok
11:51:16.0000 3296 KmxAgent (56d92667798228ae7f6ac8216f06b407) C:\WINDOWS\system32\DRIVERS\kmxagent.sys
11:51:16.0031 3296 KmxAgent - ok
11:51:16.0390 3296 KmxCfg (3c55c1df01e960e631449766b1b6a482) C:\WINDOWS\system32\DRIVERS\kmxcfg.sys
11:51:16.0531 3296 KmxCfg - ok
11:51:16.0968 3296 KmxStart (6f6650fba838731ab796635cf7b25271) C:\WINDOWS\system32\DRIVERS\kmxstart.sys
11:51:17.0031 3296 KmxStart - ok
11:51:17.0453 3296 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:51:17.0484 3296 KSecDD - ok
11:51:17.0984 3296 lbrtfdc - ok
11:51:18.0593 3296 ltmodem5 (fa2ed4a054360f3f873c15420f1f19cc) C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
11:51:18.0812 3296 ltmodem5 - ok
11:51:19.0203 3296 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11:51:19.0234 3296 MBAMSwissArmy - ok
11:51:19.0625 3296 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
11:51:19.0671 3296 MCSTRM - ok
11:51:20.0109 3296 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:51:20.0109 3296 mnmdd - ok
11:51:20.0468 3296 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
11:51:20.0468 3296 Modem - ok
11:51:20.0781 3296 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:51:20.0796 3296 Mouclass - ok
11:51:21.0125 3296 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:51:21.0140 3296 mouhid - ok
11:51:21.0468 3296 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:51:21.0484 3296 MountMgr - ok
11:51:22.0218 3296 MpFilter (eb950bfe2432d4fdcd2dda9ca7665055) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:51:22.0265 3296 MpFilter - ok
11:51:22.0687 3296 MpKsl90640daf (a69630d039c38018689190234f866d77) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D93D5E4E-8C85-40BB-9F76-C4B723902762}\MpKsl90640daf.sys
11:51:22.0703 3296 MpKsl90640daf - ok
11:51:23.0078 3296 MR97310_USB_DUAL_CAMERA (2d5990203cb98b7dfd13d73d71c48028) C:\WINDOWS\system32\DRIVERS\mr97310c.sys
11:51:23.0140 3296 MR97310_USB_DUAL_CAMERA - ok
11:51:23.0390 3296 mraid35x - ok
11:51:23.0734 3296 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:51:23.0796 3296 MRxDAV - ok
11:51:24.0281 3296 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:51:24.0437 3296 MRxSmb - ok
11:51:24.0859 3296 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:51:24.0875 3296 Msfs - ok
11:51:25.0312 3296 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:51:25.0328 3296 MSKSSRV - ok
11:51:25.0859 3296 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:51:25.0875 3296 MSPCLOCK - ok
11:51:26.0250 3296 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:51:26.0265 3296 MSPQM - ok
11:51:26.0781 3296 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:51:26.0796 3296 mssmbios - ok
11:51:27.0359 3296 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:51:27.0375 3296 MSTEE - ok
11:51:27.0968 3296 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
11:51:27.0968 3296 ms_mpu401 - ok
11:51:28.0625 3296 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:51:28.0703 3296 Mup - ok
11:51:29.0109 3296 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:51:29.0140 3296 NABTSFEC - ok
11:51:29.0828 3296 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:51:29.0906 3296 NDIS - ok
11:51:30.0281 3296 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:51:30.0390 3296 NdisIP - ok
11:51:31.0421 3296 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:51:31.0468 3296 NdisTapi - ok
11:51:32.0140 3296 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:51:32.0171 3296 Ndisuio - ok
11:51:32.0609 3296 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:51:32.0718 3296 NdisWan - ok
11:51:33.0171 3296 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:51:33.0234 3296 NDProxy - ok
11:51:33.0812 3296 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:51:33.0828 3296 NetBIOS - ok
11:51:34.0625 3296 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:51:34.0671 3296 NetBT - ok
11:51:35.0515 3296 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:51:35.0562 3296 Npfs - ok
11:51:36.0296 3296 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:51:36.0640 3296 Ntfs - ok
11:51:37.0421 3296 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:51:37.0500 3296 Null - ok
11:51:39.0437 3296 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:51:40.0718 3296 nv - ok
11:51:41.0703 3296 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:51:41.0781 3296 NwlnkFlt - ok
11:51:42.0437 3296 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:51:42.0500 3296 NwlnkFwd - ok
11:51:43.0171 3296 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
11:51:43.0265 3296 Parport - ok
11:51:43.0812 3296 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:51:43.0828 3296 PartMgr - ok
11:51:44.0546 3296 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:51:44.0593 3296 ParVdm - ok
11:51:45.0203 3296 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
11:51:45.0234 3296 PCI - ok
11:51:45.0812 3296 PCIDump - ok
11:51:46.0500 3296 PCIIde - ok
11:51:47.0046 3296 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:51:47.0359 3296 Pcmcia - ok
11:51:48.0421 3296 PDCOMP - ok
11:51:49.0484 3296 PDFRAME - ok
11:51:49.0921 3296 PDRELI - ok
11:51:50.0234 3296 PDRFRAME - ok
11:51:50.0609 3296 perc2 - ok
11:51:51.0062 3296 perc2hib - ok
11:51:51.0781 3296 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:51:51.0828 3296 PptpMiniport - ok
11:51:52.0328 3296 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:51:52.0593 3296 PSched - ok
11:51:53.0093 3296 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:51:53.0843 3296 Ptilink - ok
11:51:54.0531 3296 ql1080 - ok
11:51:55.0218 3296 Ql10wnt - ok
11:51:55.0546 3296 ql12160 - ok
11:51:55.0859 3296 ql1240 - ok
11:51:56.0171 3296 ql1280 - ok
11:51:56.0468 3296 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:51:56.0515 3296 RasAcd - ok
11:51:57.0593 3296 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:51:57.0812 3296 Rasl2tp - ok
11:51:58.0250 3296 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:51:58.0281 3296 RasPppoe - ok
11:51:58.0562 3296 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:51:58.0640 3296 Raspti - ok
11:51:59.0015 3296 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:51:59.0078 3296 Rdbss - ok
11:52:00.0031 3296 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:52:00.0031 3296 RDPCDD - ok
11:52:00.0687 3296 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:52:00.0812 3296 RDPWD - ok
11:52:02.0437 3296 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:52:02.0562 3296 redbook - ok
11:52:03.0406 3296 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
11:52:03.0531 3296 RTL8023xp - ok
11:52:03.0921 3296 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:52:03.0968 3296 rtl8139 - ok
11:52:04.0421 3296 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:52:04.0437 3296 Secdrv - ok
11:52:04.0828 3296 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:52:04.0859 3296 serenum - ok
11:52:05.0234 3296 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
11:52:05.0328 3296 Serial - ok
11:52:05.0765 3296 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:52:05.0765 3296 Sfloppy - ok
11:52:06.0296 3296 Simbad - ok
11:52:06.0640 3296 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:52:06.0671 3296 SLIP - ok
11:52:07.0015 3296 Sparrow - ok
11:52:07.0328 3296 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:52:07.0453 3296 splitter - ok
11:52:07.0812 3296 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:52:07.0843 3296 sr - ok
11:52:08.0281 3296 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:52:08.0437 3296 Srv - ok
11:52:09.0000 3296 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
11:52:09.0046 3296 StillCam - ok
11:52:09.0625 3296 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:52:09.0906 3296 streamip - ok
11:52:11.0046 3296 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:52:11.0140 3296 swenum - ok
11:52:11.0671 3296 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:52:11.0687 3296 swmidi - ok
11:52:12.0187 3296 symc810 - ok
11:52:12.0453 3296 symc8xx - ok
11:52:12.0828 3296 sym_hi - ok
11:52:13.0078 3296 sym_u3 - ok
11:52:13.0421 3296 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:52:13.0468 3296 sysaudio - ok
11:52:13.0968 3296 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:52:14.0218 3296 Tcpip - ok
11:52:14.0656 3296 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:52:14.0703 3296 TDPIPE - ok
11:52:15.0031 3296 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:52:15.0062 3296 TDTCP - ok
11:52:15.0390 3296 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:52:15.0468 3296 TermDD - ok
11:52:15.0828 3296 TosIde - ok
11:52:16.0203 3296 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:52:16.0234 3296 Udfs - ok
11:52:16.0531 3296 ultra - ok
11:52:17.0531 3296 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:52:17.0765 3296 Update - ok
11:52:18.0312 3296 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:52:18.0328 3296 usbccgp - ok
11:52:18.0718 3296 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:52:18.0828 3296 usbhub - ok
11:52:19.0265 3296 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:52:19.0296 3296 usbprint - ok
11:52:19.0937 3296 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:52:20.0109 3296 usbscan - ok
11:52:20.0671 3296 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:52:20.0718 3296 USBSTOR - ok
11:52:21.0250 3296 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:52:21.0265 3296 usbuhci - ok
11:52:21.0625 3296 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:52:21.0656 3296 VgaSave - ok
11:52:22.0906 3296 ViaIde - ok
11:52:23.0218 3296 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:52:23.0718 3296 VolSnap - ok
11:52:24.0156 3296 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:52:24.0187 3296 Wanarp - ok
11:52:24.0609 3296 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
11:52:25.0109 3296 WDC_SAM - ok
11:52:26.0171 3296 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:52:27.0265 3296 Wdf01000 - ok
11:52:28.0015 3296 WDICA - ok
11:52:29.0203 3296 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:52:29.0234 3296 wdmaud - ok
11:52:30.0390 3296 WNDA3100 (966860e5ea3591aa471ec9ced49dc8d2) C:\WINDOWS\system32\DRIVERS\WNDA31.sys
11:52:30.0687 3296 WNDA3100 - ok
11:52:31.0296 3296 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:52:31.0328 3296 WpdUsb - ok
11:52:31.0890 3296 WRkrn (5cbfd0dff695abb7cef5cf88707edc42) C:\WINDOWS\system32\drivers\WRkrn.sys
11:52:31.0921 3296 WRkrn - ok
11:52:32.0406 3296 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:52:32.0453 3296 WS2IFSL - ok
11:52:33.0078 3296 WSIMD (43f767d59bfc25d8f4fc2eb42043ec1e) C:\WINDOWS\system32\DRIVERS\wsimd.sys
11:52:33.0281 3296 WSIMD - ok
11:52:33.0765 3296 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:52:33.0828 3296 WSTCODEC - ok
11:52:34.0578 3296 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:52:34.0656 3296 WudfPf - ok
11:52:35.0328 3296 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:52:35.0453 3296 WudfRd - ok
11:52:35.0750 3296 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:52:36.0625 3296 \Device\Harddisk0\DR0 - ok
11:52:36.0703 3296 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
11:52:36.0734 3296 \Device\Harddisk1\DR1 - ok
11:52:36.0828 3296 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR4
11:52:36.0859 3296 \Device\Harddisk2\DR4 - ok
11:52:36.0921 3296 Boot (0x1200) (a1420a3fdd9614fa7d58499eb984d104) \Device\Harddisk0\DR0\Partition0
11:52:36.0921 3296 \Device\Harddisk0\DR0\Partition0 - ok
11:52:36.0953 3296 Boot (0x1200) (43b8bf1185dc2be57d80f3bb148140f0) \Device\Harddisk1\DR1\Partition0
11:52:36.0953 3296 \Device\Harddisk1\DR1\Partition0 - ok
11:52:37.0015 3296 Boot (0x1200) (961133fbb2b8fb28b7bc73143fdf30f7) \Device\Harddisk2\DR4\Partition0
11:52:37.0031 3296 \Device\Harddisk2\DR4\Partition0 - ok
11:52:37.0046 3296 ============================================================
11:52:37.0046 3296 Scan finished
11:52:37.0046 3296 ============================================================
11:52:37.0125 3812 Detected object count: 0
11:52:37.0125 3812 Actual detected object count: 0
11:52:50.0781 0668 ============================================================
11:52:50.0781 0668 Scan started
11:52:50.0781 0668 Mode: Manual; SigCheck; TDLFS;
11:52:50.0781 0668 ============================================================
11:56:59.0328 0668 ============================================================
11:56:59.0328 0668 Scan finished
11:56:59.0328 0668 ============================================================
11:56:59.0515 0616 Detected object count: 6
11:56:59.0515 0616 Actual detected object count: 6
11:58:58.0390 0616 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0390 0616 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:58:58.0421 0616 CdaD10BA ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0421 0616 CdaD10BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:58:58.0421 0616 DNINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0421 0616 DNINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:58:58.0421 0616 KmxCfg ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0421 0616 KmxCfg ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:58:58.0437 0616 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0437 0616 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:58:58.0437 0616 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:58.0437 0616 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip

I ran the MBR as directed and saved the log and compressed the dat file. I'm still having a hard time running the DDS tool. I double click it and Notepad opens up and says it can't be run in DOS mode. I right click and select install and it runs but crashes.


#4 nasdaq


Posted 08 February 2012 - 08:50 AM

This fix is for Windows XP. If you have another operating system, do not run it; let me know what you have.

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Some rootkit infections may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass this installation. You may regret it.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Do not mouse click ComboFix's window while it's running. That may cause it to stall.
===

#5 cartong


Posted 08 February 2012 - 01:41 PM

Ran Combofix, restarted. It has been running the "preparing log" screen for an hour now. The dds still is running on its own. I think it may be because I installed as a screensaver...Would restarting the computer be a good idea? Surely I can't re-run the combofix. It may have stalled because of the mouse clicking...

Edited by cartong, 08 February 2012 - 01:43 PM.


#6 nasdaq


Posted 09 February 2012 - 09:11 AM

Stop both processes.

Run ComboFix again. If not completed after 30 minutes stop it again and let me know.

#7 cartong


Posted 09 February 2012 - 01:36 PM

Ran ComboFix again and it finally gave me a log. I've attached the log.


#8 nasdaq


Posted 10 February 2012 - 09:12 AM

The log is clean.

Third-party programs, if not up to date, can be the cause of infiltration by an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please let me know of the remaining issues with this computer.

#9 cartong


Posted 13 February 2012 - 11:28 AM

Ran Security Test, attached the txt. Going to update Java. Computer is working fine.


#10 nasdaq


Posted 13 February 2012 - 01:20 PM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present, remove the old version(s) of Java using the Add/Remove Programs applet.


Java™ 6 Update 13
Java™ 6 Update 2


===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right, "Include in your download"; this is not required. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed, remove your old version of the Reader using the Add/Remove Programs applet, if present.
===

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.

Surf Safely, and Think Prevention!
===

#11 nasdaq


Posted 19 February 2012 - 10:05 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



