Internet Redirect gamblingpuma.com


7 replies to this topic

#1 Vanatter


Posted 14 February 2012 - 11:00 PM

I started noticing tonight that my computer will at times show gamblingpuma.com in the address bar when doing a Google search or directly entering an address. It still goes to the correct address. But my computer shut down once tonight by itself just as I was noticing this. It is a little slow now too. What should I do about this? Virus software isn't seeing anything, and system restore hasn't made a difference. Any help would be greatly appreciated. Thanks.

Edited by Orange Blossom, 14 February 2012 - 11:51 PM.
Moved from Windows 7 to AII. Duplicates deleted. ~ OB



#2 narenxp


Posted 15 February 2012 - 09:15 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here
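
Added example, not part of the thread and not code from the tool's vendor: a triage pass over a TDSSKiller log of the kind requested above, where each scanned service appears as `<time> <thread id> <name> (<md5>) <path>` followed by `<name> - <verdict>`. The sample lines, service names, hashes, the `example-not-ok` verdict and the `C:\Windows\system32` trusted root are constructed assumptions.

```python
import re

# Constructed sample in the layout of a TDSSKiller log: "<time> <thread id> <text>".
# Service names, hashes, paths and the non-"ok" verdict are made up for illustration.
SAMPLE_LOG = r"""
18:00:24.0454 1456 Boot type: Safe boot with network
18:00:24.0828 1456 ============================================================
18:00:45.0264 1368 Scan started
18:00:45.0264 1368 Mode: Manual; TDLFS;
18:00:45.0607 1368 exdrv1 (00000000000000000000000000000001) C:\Windows\system32\drivers\exdrv1.sys
18:00:45.0607 1368 exdrv1 - ok
18:00:45.0700 1368 exsvc2 - ok
18:00:45.0800 1368 exdrv3 (00000000000000000000000000000003) C:\Users\Public\exdrv3.sys
18:00:45.0800 1368 exdrv3 - ok
18:00:45.0900 1368 exdrv4 (00000000000000000000000000000004) C:\Windows\system32\DRIVERS\exdrv4.sys
18:00:45.0950 1368 exdrv4 - example-not-ok
18:00:46.0000 1368 exdrv5 (00000000000000000000000000000005) C:\Windows\System32\Drivers\exdrv5.sys
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")      # timestamp + thread id
IMAGE = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$", re.I)        # name (md5) path
VERDICT = re.compile(r"^(.+?) - (.+)$")                             # name - verdict
CONTEXT = re.compile(r"^(Boot type|Mode): (.+)$")                   # scan conditions


def _payloads(log_text):
    """Yield the text after the timestamp and thread id of every log line."""
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield m.group(1).strip()


def scan_context(log_text):
    """Return the boot type and scan mode recorded in the log, if present."""
    found = {}
    for text in _payloads(log_text):
        m = CONTEXT.match(text)
        if m:
            found[m.group(1)] = m.group(2)
    return found


def parse_scan(log_text):
    """Return {service: {md5, path, verdict}} for lines after 'Scan started'.

    Header lines before the scan also contain " - " (the drive geometry line),
    so entries are only collected once the scan has begun.
    """
    entries, in_scan = {}, False
    for text in _payloads(log_text):
        if text == "Scan started":
            in_scan = True
            continue
        if not in_scan:
            continue
        blank = {"md5": None, "path": None, "verdict": None}
        img = IMAGE.match(text)
        if img:
            name, md5, path = img.groups()
            entries.setdefault(name, blank).update(md5=md5.lower(), path=path)
            continue
        ver = VERDICT.match(text)
        if ver:
            name, verdict = ver.groups()
            entries.setdefault(name, blank)["verdict"] = verdict.strip()
    return entries


def triage(entries, trusted_root=r"C:\Windows\system32"):
    """Return [(service, [reasons])] for entries a reviewer should look at.

    trusted_root is an assumption of this example; adjust it to the
    'Windows directory' the log header reports.
    """
    root = trusted_root.lower().rstrip("\\") + "\\"
    findings = []
    for name, e in entries.items():
        reasons = []
        if e["verdict"] is None:
            reasons.append("no verdict line")            # log cut off mid-entry
        elif e["verdict"].lower() != "ok":
            reasons.append("verdict: " + e["verdict"])
        if e["path"] is None:
            reasons.append("no image hashed")            # service listed without a file
        elif not e["path"].lower().startswith(root):
            reasons.append("image outside " + trusted_root)
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    print(scan_context(SAMPLE_LOG))
    for service, reasons in triage(parse_scan(SAMPLE_LOG)):
        print(service, "->", "; ".join(reasons))
```
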

#3 Vanatter


Posted 15 February 2012 - 09:14 PM

I have done everything you suggested. Here are the logs. Thanks for your help.

18:00:55.0201 1368 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:00:55.0201 1368 USBSTOR - ok
18:00:55.0217 1368 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:00:55.0217 1368 usbuhci - ok
18:00:55.0248 1368 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
18:00:55.0248 1368 VClone - ok
18:00:55.0279 1368 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:00:55.0279 1368 vdrvroot - ok
18:00:55.0311 1368 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:00:55.0311 1368 vga - ok
18:00:55.0326 1368 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:00:55.0326 1368 VgaSave - ok
18:00:55.0342 1368 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:00:55.0357 1368 vhdmp - ok
18:00:55.0389 1368 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:00:55.0389 1368 viaide - ok
18:00:55.0404 1368 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:00:55.0404 1368 volmgr - ok
18:00:55.0435 1368 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:00:55.0435 1368 volmgrx - ok
18:00:55.0467 1368 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:00:55.0467 1368 volsnap - ok
18:00:55.0482 1368 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:00:55.0482 1368 vsmraid - ok
18:00:55.0498 1368 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:00:55.0498 1368 vwifibus - ok
18:00:55.0545 1368 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:00:55.0545 1368 vwififlt - ok
18:00:55.0560 1368 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:00:55.0560 1368 WacomPen - ok
18:00:55.0623 1368 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:00:55.0623 1368 WANARP - ok
18:00:55.0623 1368 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:00:55.0623 1368 Wanarpv6 - ok
18:00:55.0685 1368 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:00:55.0685 1368 Wd - ok
18:00:55.0701 1368 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:00:55.0716 1368 Wdf01000 - ok
18:00:55.0732 1368 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:00:55.0732 1368 WfpLwf - ok
18:00:55.0747 1368 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:00:55.0747 1368 WIMMount - ok
18:00:55.0810 1368 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:00:55.0810 1368 WinUsb - ok
18:00:55.0825 1368 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:00:55.0825 1368 WmiAcpi - ok
18:00:55.0888 1368 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:00:55.0888 1368 ws2ifsl - ok
18:00:55.0919 1368 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:00:55.0919 1368 WudfPf - ok
18:00:55.0935 1368 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:00:55.0935 1368 WUDFRd - ok
18:00:55.0997 1368 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
18:00:56.0013 1368 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:00:56.0013 1368 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:00:56.0044 1368 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:00:56.0044 1368 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:00:56.0075 1368 Boot (0x1200) (b57f793d31ccf623b804a8d8d8da0edc) \Device\Harddisk0\DR0\Partition0
18:00:56.0075 1368 \Device\Harddisk0\DR0\Partition0 - ok
18:00:56.0075 1368 Boot (0x1200) (dad100ce0f2eb33d4211933073cd3573) \Device\Harddisk0\DR0\Partition1
18:00:56.0091 1368 \Device\Harddisk0\DR0\Partition1 - ok
18:00:56.0091 1368 ============================================================
18:00:56.0091 1368 Scan finished
18:00:56.0091 1368 ============================================================
18:00:56.0091 1712 Detected object count: 2
18:00:56.0091 1712 Actual detected object count: 2


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-15 19:03:57
Windows 6.1.7601 Service Pack 1
Running: 4ktoge8t.exe


---- Files - GMER 1.0.15 ----

File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\latestgossip[1].txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\style_beauty[1].txt 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\20120216005045@x02[1].htm 3247 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\afr[1].php 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GX5318Q\ttj[1] 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\detect[1].act 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\if[1].txt 449 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\if[2].txt 449 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\bdb5351e-a374-4228-8222-2d65a7390f08[1].htm 707 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\iframe3[2].htm 3001 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\iframe3[3].htm 3001 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\iframe[1].htm 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\iframe[2].htm 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\st[2] 4478 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\st[3] 4472 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\ddc[8].htm 11861 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHLDNR7U\isolate[1].html 694 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\isolate[1].html 694 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\afrCAGCPRL2.htm 0 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\cb,INSERT_RANDOM_NUMBER_HERE[1].htm 233 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\cb,INSERT_RANDOM_NUMBER_HERE[2].htm 232 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\iframe3[2].htm 3001 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\c76656eb-d459-47b5-8d67-ebad80bbaf51[1].htm 707 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\ddc[8].htm 11861 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\st[4] 4454 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\st[5] 4457 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\cb,INSERT_RANDOM_NUMBER_HERE[1].htm 233 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\iframe3[4].htm 1317 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q18USE3B\iframe3[5].htm 1311 bytes
File C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BZQUDZWM\secure-us.imrworldwide.com\_ggMCvar_2.sol 0 bytes

---- EOF - GMER 1.0.15 ----


aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-15 19:04:14
-----------------------------
19:04:14.566 OS Version: Windows x64 6.1.7601 Service Pack 1
19:04:14.566 Number of processors: 2 586 0x170A
19:04:14.566 ComputerName: JEFF-PC UserName: Jeff
19:04:19.122 Initialize success
19:05:32.254 AVAST engine defs: 12021501
19:05:47.464 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:05:47.464 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
19:05:47.464 Device \Driver\iaStor -> MajorFunction fffffa8007bb75c4
19:05:47.464 Disk 0 MBR read successfully
19:05:47.480 Disk 0 MBR scan
19:05:47.480 Disk 0 Windows 7 default MBR code
19:05:47.480 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
19:05:47.496 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
19:05:47.511 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939767 MB offset 28878848
19:05:47.511 Service scanning
19:05:48.556 Modules scanning
19:05:48.556 Disk 0 trace - called modules:
19:05:48.556 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800828c280]<<28056075.sys >>UNKNOWN [0xfffffa8007bb75c4]<<
19:05:48.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007246060]
19:05:48.572 3 CLASSPNP.SYS[fffff88001aa643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f4f050]
19:05:48.572 \Driver\iaStor[0xfffffa8007ae1420] -> IRP_MJ_CREATE -> 0xfffffa8007bb75c4
19:05:51.770 AVAST engine scan C:\Windows
19:05:56.216 AVAST engine scan C:\Windows\system32
19:07:31.595 AVAST engine scan C:\Windows\system32\drivers
19:07:40.627 AVAST engine scan C:\Users\Jeff
19:27:46.728 AVAST engine scan C:\ProgramData
19:53:31.162 File: C:\ProgramData\Microsoft\Windows\DRM\29CC.tmp **INFECTED** Win32:Malware-gen
19:53:31.208 File: C:\ProgramData\Microsoft\Windows\DRM\29CD.tmp **INFECTED** Win32:Malware-gen
19:56:23.823 Scan finished successfully
20:00:26.122 Disk 0 MBR has been saved successfully to "C:\Users\Jeff\Desktop\MBR.dat"
20:00:26.122 The log file has been saved successfully to "C:\Users\Jeff\Desktop\aswMBR.txt"

#4 narenxp

Posted 16 February 2012 - 12:55 AM

Run TDSSkiller once again and post the log (post the complete log content).

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Post the clean log.


Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan gets completed, click on LIST of found threats.

Export the list to desktop and copy the contents of the text file into your reply.


Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Please re-run ASWMBR again after ESET scanner and post the log.

#5 Vanatter

Posted 16 February 2012 - 09:43 PM

Here are the logs from everything. Thanks again for your help.

06:43:14.0539 3836 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
06:43:14.0851 3836 ============================================================
06:43:14.0851 3836 Current date / time: 2012/02/16 06:43:14.0851
06:43:14.0851 3836 SystemInfo:
06:43:14.0851 3836
06:43:14.0851 3836 OS Version: 6.1.7601 ServicePack: 1.0
06:43:14.0851 3836 Product type: Workstation
06:43:14.0851 3836 ComputerName: JEFF-PC
06:43:14.0851 3836 UserName: Jeff
06:43:14.0851 3836 Windows directory: C:\Windows
06:43:14.0851 3836 System windows directory: C:\Windows
06:43:14.0851 3836 Running under WOW64
06:43:14.0851 3836 Processor architecture: Intel x64
06:43:14.0851 3836 Number of processors: 2
06:43:14.0851 3836 Page size: 0x1000
06:43:14.0851 3836 Boot type: Normal boot
06:43:14.0851 3836 ============================================================
06:43:15.0459 3836 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:43:15.0475 3836 \Device\Harddisk0\DR0:
06:43:15.0475 3836 MBR used
06:43:15.0475 3836 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
06:43:15.0475 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x72B7BDB0
06:43:15.0490 3836 Initialize success
06:43:15.0490 3836 ============================================================
06:43:26.0317 2732 ============================================================
06:43:26.0317 2732 Scan started
06:43:26.0317 2732 Mode: Manual; TDLFS;
06:43:26.0317 2732 ============================================================
06:43:33.0524 2732 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
06:43:33.0540 2732 Mup - ok
06:43:33.0602 2732 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
06:43:33.0602 2732 NativeWifiP - ok
06:43:33.0711 2732 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
06:43:33.0711 2732 NDIS - ok
06:43:33.0758 2732 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
06:43:33.0774 2732 NdisCap - ok
06:43:33.0789 2732 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
06:43:33.0789 2732 NdisTapi - ok
06:43:33.0836 2732 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
06:43:33.0899 2732 Ndisuio - ok
06:43:33.0914 2732 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
06:43:33.0945 2732 NdisWan - ok
06:43:33.0977 2732 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
06:43:34.0008 2732 NDProxy - ok
06:43:34.0055 2732 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
06:43:34.0055 2732 NetBIOS - ok
06:43:34.0086 2732 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
06:43:34.0086 2732 NetBT - ok
06:43:34.0179 2732 netr28ux (4ae3bc27a3ba9f99aa1259e995dce08e) C:\Windows\system32\DRIVERS\netr28ux.sys
06:43:34.0242 2732 netr28ux - ok
06:43:34.0273 2732 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
06:43:34.0273 2732 nfrd960 - ok
06:43:34.0320 2732 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
06:43:34.0320 2732 Npfs - ok
06:43:34.0351 2732 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
06:43:34.0351 2732 nsiproxy - ok
06:43:34.0398 2732 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
06:43:34.0460 2732 Ntfs - ok
06:43:34.0476 2732 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
06:43:34.0476 2732 Null - ok
06:43:34.0523 2732 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
06:43:34.0554 2732 nvraid - ok
06:43:34.0616 2732 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
06:43:34.0663 2732 nvstor - ok
06:43:34.0694 2732 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
06:43:34.0710 2732 nv_agp - ok
06:43:34.0757 2732 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
06:43:34.0757 2732 ohci1394 - ok
06:43:34.0819 2732 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
06:43:34.0819 2732 Parport - ok
06:43:34.0850 2732 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
06:43:34.0897 2732 partmgr - ok
06:43:34.0913 2732 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
06:43:34.0959 2732 pci - ok
06:43:34.0975 2732 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
06:43:34.0975 2732 pciide - ok
06:43:34.0991 2732 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
06:43:34.0991 2732 pcmcia - ok
06:43:35.0022 2732 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
06:43:35.0022 2732 pcw - ok
06:43:35.0037 2732 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
06:43:35.0053 2732 PEAUTH - ok
06:43:35.0115 2732 pnarp (4ff73a83a25d0eead4f5e6c841bb6704) C:\Windows\system32\DRIVERS\pnarp.sys
06:43:35.0147 2732 pnarp - ok
06:43:35.0178 2732 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
06:43:35.0209 2732 PptpMiniport - ok
06:43:35.0225 2732 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
06:43:35.0225 2732 Processor - ok
06:43:35.0271 2732 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
06:43:35.0271 2732 Psched - ok
06:43:35.0318 2732 purendis (9a68a89f10f283a23afee2a1bfe4bffb) C:\Windows\system32\DRIVERS\purendis.sys
06:43:35.0365 2732 purendis - ok
06:43:35.0412 2732 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
06:43:35.0427 2732 ql2300 - ok
06:43:35.0443 2732 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
06:43:35.0443 2732 ql40xx - ok
06:43:35.0474 2732 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
06:43:35.0474 2732 QWAVEdrv - ok
06:43:35.0490 2732 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
06:43:35.0505 2732 RasAcd - ok
06:43:35.0521 2732 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
06:43:35.0521 2732 RasAgileVpn - ok
06:43:35.0552 2732 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:43:35.0583 2732 Rasl2tp - ok
06:43:35.0599 2732 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
06:43:35.0615 2732 RasPppoe - ok
06:43:35.0630 2732 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
06:43:35.0630 2732 RasSstp - ok
06:43:35.0646 2732 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
06:43:35.0677 2732 rdbss - ok
06:43:35.0693 2732 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
06:43:35.0693 2732 rdpbus - ok
06:43:35.0724 2732 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:43:35.0724 2732 RDPCDD - ok
06:43:35.0724 2732 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
06:43:35.0724 2732 RDPENCDD - ok
06:43:35.0739 2732 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
06:43:35.0739 2732 RDPREFMP - ok
06:43:35.0786 2732 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
06:43:35.0849 2732 RDPWD - ok
06:43:35.0864 2732 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
06:43:35.0895 2732 rdyboost - ok
06:43:35.0942 2732 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
06:43:35.0942 2732 rspndr - ok
06:43:35.0973 2732 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
06:43:36.0005 2732 sbp2port - ok
06:43:36.0036 2732 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
06:43:36.0067 2732 scfilter - ok
06:43:36.0098 2732 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
06:43:36.0098 2732 secdrv - ok
06:43:36.0114 2732 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
06:43:36.0114 2732 Serenum - ok
06:43:36.0145 2732 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
06:43:36.0161 2732 Serial - ok
06:43:36.0176 2732 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
06:43:36.0192 2732 sermouse - ok
06:43:36.0223 2732 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
06:43:36.0239 2732 sffdisk - ok
06:43:36.0254 2732 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
06:43:36.0254 2732 sffp_mmc - ok
06:43:36.0285 2732 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
06:43:36.0317 2732 sffp_sd - ok
06:43:36.0332 2732 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
06:43:36.0332 2732 sfloppy - ok
06:43:36.0363 2732 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:43:36.0363 2732 SiSRaid2 - ok
06:43:36.0363 2732 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
06:43:36.0379 2732 SiSRaid4 - ok
06:43:36.0379 2732 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
06:43:36.0395 2732 Smb - ok
06:43:36.0426 2732 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
06:43:36.0426 2732 spldr - ok
06:43:36.0457 2732 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
06:43:36.0488 2732 srv - ok
06:43:36.0519 2732 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
06:43:36.0551 2732 srv2 - ok
06:43:36.0566 2732 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
06:43:36.0597 2732 srvnet - ok
06:43:36.0644 2732 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
06:43:36.0644 2732 stexstor - ok
06:43:36.0691 2732 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
06:43:36.0691 2732 swenum - ok
06:43:36.0753 2732 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
06:43:36.0831 2732 Tcpip - ok
06:43:36.0863 2732 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
06:43:36.0878 2732 TCPIP6 - ok
06:43:36.0909 2732 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
06:43:36.0941 2732 tcpipreg - ok
06:43:36.0972 2732 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
06:43:36.0972 2732 TDPIPE - ok
06:43:36.0972 2732 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
06:43:36.0987 2732 TDTCP - ok
06:43:37.0003 2732 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
06:43:37.0034 2732 tdx - ok
06:43:37.0050 2732 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
06:43:37.0065 2732 TermDD - ok
06:43:37.0112 2732 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:43:37.0143 2732 tssecsrv - ok
06:43:37.0206 2732 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
06:43:37.0268 2732 TsUsbFlt - ok
06:43:37.0315 2732 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
06:43:37.0362 2732 tunnel - ok
06:43:37.0362 2732 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
06:43:37.0362 2732 uagp35 - ok
06:43:37.0393 2732 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
06:43:37.0424 2732 udfs - ok
06:43:37.0471 2732 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
06:43:37.0471 2732 uliagpkx - ok
06:43:37.0518 2732 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
06:43:37.0549 2732 umbus - ok
06:43:37.0549 2732 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
06:43:37.0549 2732 UmPass - ok
06:43:37.0611 2732 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
06:43:37.0658 2732 usbccgp - ok
06:43:37.0705 2732 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
06:43:37.0705 2732 usbcir - ok
06:43:37.0721 2732 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
06:43:37.0721 2732 usbehci - ok
06:43:37.0752 2732 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
06:43:37.0783 2732 usbhub - ok
06:43:37.0799 2732 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
06:43:37.0814 2732 usbohci - ok
06:43:37.0845 2732 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
06:43:37.0845 2732 usbprint - ok
06:43:37.0861 2732 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:43:37.0861 2732 USBSTOR - ok
06:43:37.0877 2732 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
06:43:37.0877 2732 usbuhci - ok
06:43:37.0923 2732 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
06:43:37.0970 2732 VClone - ok
06:43:37.0986 2732 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
06:43:37.0986 2732 vdrvroot - ok
06:43:38.0017 2732 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
06:43:38.0017 2732 vga - ok
06:43:38.0033 2732 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
06:43:38.0048 2732 VgaSave - ok
06:43:38.0079 2732 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
06:43:38.0111 2732 vhdmp - ok
06:43:38.0142 2732 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
06:43:38.0142 2732 viaide - ok
06:43:38.0157 2732 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
06:43:38.0189 2732 volmgr - ok
06:43:38.0204 2732 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
06:43:38.0220 2732 volmgrx - ok
06:43:38.0235 2732 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
06:43:38.0267 2732 volsnap - ok
06:43:38.0313 2732 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
06:43:38.0329 2732 vsmraid - ok
06:43:38.0345 2732 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
06:43:38.0345 2732 vwifibus - ok
06:43:38.0391 2732 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
06:43:38.0391 2732 vwififlt - ok
06:43:38.0423 2732 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
06:43:38.0423 2732 WacomPen - ok
06:43:38.0485 2732 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
06:43:38.0516 2732 WANARP - ok
06:43:38.0547 2732 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
06:43:38.0547 2732 Wanarpv6 - ok
06:43:38.0563 2732 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
06:43:38.0563 2732 Wd - ok
06:43:38.0610 2732 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
06:43:38.0641 2732 Wdf01000 - ok
06:43:38.0688 2732 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
06:43:38.0688 2732 WfpLwf - ok
06:43:38.0703 2732 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
06:43:38.0719 2732 WIMMount - ok
06:43:38.0766 2732 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
06:43:38.0797 2732 WinUsb - ok
06:43:38.0813 2732 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
06:43:38.0813 2732 WmiAcpi - ok
06:43:38.0859 2732 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
06:43:38.0859 2732 ws2ifsl - ok
06:43:38.0906 2732 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
06:43:38.0953 2732 WudfPf - ok
06:43:38.0969 2732 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:43:38.0969 2732 WUDFRd - ok
06:43:39.0015 2732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
06:43:39.0140 2732 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
06:43:39.0140 2732 \Device\Harddisk0\DR0 - detected TDSS File System (1)
06:43:39.0171 2732 Boot (0x1200) (b57f793d31ccf623b804a8d8d8da0edc) \Device\Harddisk0\DR0\Partition0
06:43:39.0171 2732 \Device\Harddisk0\DR0\Partition0 - ok
06:43:39.0187 2732 Boot (0x1200) (dad100ce0f2eb33d4211933073cd3573) \Device\Harddisk0\DR0\Partition1
06:43:39.0187 2732 \Device\Harddisk0\DR0\Partition1 - ok
06:43:39.0187 2732 ============================================================
06:43:39.0187 2732 Scan finished
06:43:39.0187 2732 ============================================================
06:43:39.0203 4900 Detected object count: 1
06:43:39.0203 4900 Actual detected object count: 1
06:43:59.0748 4900 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
06:43:59.0748 4900 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
06:44:44.0517 1096 Deinitialize success

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.16.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jeff :: JEFF-PC [administrator]

Protection: Enabled

2/16/2012 6:46:30 AM
mbam-log-2012-02-16 (12-33-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 594831
Time elapsed: 4 hour(s), 19 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.

Files Detected: 0
(No malicious items detected)

(end)

ESET
C:\ProgramData\Microsoft\Windows\DRM\29CC.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\29CD.tmp Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.02.2012_18.00.24\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.02.2012_18.00.24\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.02.2012_18.00.24\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\z8bmv0xm.default\extensions\{204a74ce-f1fd-4de2-8168-08bbbb238536}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\z8bmv0xm.default\extensions\{650bb287-7c08-4e74-a237-99047ba01229}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\z8bmv0xm.default\extensions\{d9d2c0f4-aa37-4973-823a-99b912654faf}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Users\Jeff\Desktop\MP3 Programs\Done\xilisoft-mkv-converter-5.1.37.0305.exe a variant of Win32/Agent.QRF trojan deleted - quarantined


aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-16 17:08:47
-----------------------------
17:08:47.480 OS Version: Windows x64 6.1.7601 Service Pack 1
17:08:47.480 Number of processors: 2 586 0x170A
17:08:47.480 ComputerName: JEFF-PC UserName: Jeff
17:08:48.994 Initialize success
17:08:54.110 AVAST engine defs: 12021501
17:09:12.752 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:09:12.752 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
17:09:12.768 Disk 0 MBR read successfully
17:09:12.768 Disk 0 MBR scan
17:09:12.784 Disk 0 Windows 7 default MBR code
17:09:12.784 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
17:09:12.799 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
17:09:12.799 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939767 MB offset 28878848
17:09:12.799 Service scanning
17:09:13.860 Modules scanning
17:09:13.860 Disk 0 trace - called modules:
17:09:13.860 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:09:13.876 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008277640]
17:09:13.876 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005ebd050]
17:09:15.202 AVAST engine scan C:\Windows
17:09:19.897 AVAST engine scan C:\Windows\system32
17:12:36.052 AVAST engine scan C:\Windows\system32\drivers
17:13:04.896 AVAST engine scan C:\Users\Jeff
17:46:08.518 AVAST engine scan C:\ProgramData
18:17:22.643 Scan finished successfully
20:27:56.696 Disk 0 MBR has been saved successfully to "C:\Users\Jeff\Desktop\MBR.dat"
20:27:56.727 The log file has been saved successfully to "C:\Users\Jeff\Desktop\aswMBR.txt"


MiniToolBox by Farbar Version: 18-01-2012
Ran by Jeff (administrator) on 16-02-2012 at 20:29:46
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=;ftp=;https=;

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.share_proxy_settings", true
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jeff-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-26-2D-33-F2-71
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2cef:2cd3:10ef:d158%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, February 16, 2012 6:29:04 PM
Lease Expires . . . . . . . . . . : Friday, February 17, 2012 6:29:03 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234888562
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-9E-8F-D9-00-26-2D-33-F2-71
DNS Servers . . . . . . . . . . . : 97.64.183.164
97.64.209.37
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{80D0E6BA-F8FC-4A5D-8D34-A836EE1FF021}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2844:fb18:52e3:2bd8(Preferred)
Link-local IPv6 Address . . . . . : fe80::2844:fb18:52e3:2bd8%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: google.com
Addresses: 74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.106
74.125.225.107
74.125.225.108
74.125.225.109
74.125.225.110
74.125.225.111
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99
74.125.225.100


Pinging google.com [74.125.225.109] with 32 bytes of data:
Reply from 74.125.225.109: bytes=32 time=422ms TTL=53
Reply from 74.125.225.109: bytes=32 time=20ms TTL=53

Ping statistics for 74.125.225.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 422ms, Average = 221ms
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=157ms TTL=49
Reply from 98.139.127.62: bytes=32 time=154ms TTL=49

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 154ms, Maximum = 157ms, Average = 155ms
Server: sprdc-dns-dts10.mcomdc.com
Address: 97.64.183.164

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 5ms, Average = 3ms
===========================================================================
Interface List
10...00 26 2d 33 f2 71 ......Intel® 82567V-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 276
192.168.1.103 255.255.255.255 On-link 192.168.1.103 276
192.168.1.255 255.255.255.255 On-link 192.168.1.103 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:2844:fb18:52e3:2bd8/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2844:fb18:52e3:2bd8/128
On-link
10 276 fe80::2cef:2cd3:10ef:d158/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/16/2012 07:49:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2012 00:35:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2012 00:35:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2012 00:35:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2012 06:32:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2012 09:30:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: mcupdmgr.exe, version: 11.0.630.0, time stamp: 0x4e85af0d
Faulting module name: mcupdmgr.exe, version: 11.0.630.0, time stamp: 0x4e85af0d
Exception code: 0xc0000005
Fault offset: 0x000000000003fda5
Faulting process id: 0x11e4
Faulting application start time: 0xmcupdmgr.exe0
Faulting application path: mcupdmgr.exe1
Faulting module path: mcupdmgr.exe2
Report Id: mcupdmgr.exe3

Error: (02/14/2012 09:23:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: mcupdmgr.exe, version: 11.0.630.0, time stamp: 0x4e85af0d
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9
Exception code: 0xc0000005
Fault offset: 0x0000000000053332
Faulting process id: 0x2dc
Faulting application start time: 0xmcupdmgr.exe0
Faulting application path: mcupdmgr.exe1
Faulting module path: mcupdmgr.exe2
Report Id: mcupdmgr.exe3

Error: (02/14/2012 09:16:42 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (02/14/2012 09:14:19 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (02/14/2012 09:12:41 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3


System errors:
=============
Error: (02/15/2012 08:01:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (02/15/2012 08:01:44 PM) (Source: Service Control Manager) (User: )
Description: The Creative Centrale Media Server service terminated with the following error:
%%1008

Error: (02/15/2012 08:01:30 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/15/2012 08:01:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/15/2012 08:00:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.0.0)
1001 Minigolf Challenge (Version: 1.00.07.04.30)
2002 Games (Version: 1.00.07.02.13)
2007 Microsoft Office Suite Service Pack 2 (SP2)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 Plugin (Version: 10.3.181.14)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Advertising Center (Version: 0.0.0.2)
Amazon MP3 Downloader 1.0.10
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Azteca (Version: 1.0.0.0)
Beetle Bug (Version: 1.0.0.0)
Bengal (Version: 1.0.0.0)
Best Game Hits 1-4 (Version: 2.00.10.08.27)
Best Game Hits 5 (Version: 2.00.10.08.27)
Best Games Hits 3 (Version: 1.00.09.07.10)
Bloxxit (Version: 1.0.0.0)
Cartoon Network All-Stars (Version: 1.01)
Chicken Attack (Version: 1.0.0.0)
Chicken’s Revenge (Version: 1.0.0.0)
CleanUp!
Color Eggs (Version: 1.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Creative Centrale (Version: 1.17.01)
Creative Software Update (Version: 1.03.01)
Crystal Caverns of Amon-Ra (Version: 1.00.09.03.08)
CyberLink PowerDVD 9 (Version: 9.0.2610.50)
Diamond Drop (CD version) (Version: 1.0.0.0)
DigitImg (Version: 2.00.0000)
Diner Dash 2
Discovery A Seek And Find Adventure
DivX Setup (Version: 2.1.2.2)
Drop Em Deluxe
eBay Worldwide (Version: 2.1.0901)
Elven Mists 2 (Version: 1.0.0.0)
ESET Online Scanner v3
Evil Invasion
Farm Craft 2 (Version: 1.0)
Game Collection 500,000 (Version: 2.00.10.08.26)
GameHouse Games Collection: Academy of Magic
GameHouse Games Collection: Adventure Inlay
GameHouse Games Collection: Adventure Inlay - Safari Edition
GameHouse Games Collection: Air Strike 3D
GameHouse Games Collection: Alien Sky
GameHouse Games Collection: Aloha Solitaire
GameHouse Games Collection: Aloha TriPeaks
GameHouse Games Collection: Ancient Tri-Jong
GameHouse Games Collection: Ancient Tripeaks
GameHouse Games Collection: Astrobatics
GameHouse Games Collection: Atlantis
GameHouse Games Collection: Atomaders
GameHouse Games Collection: Bejeweled 2
GameHouse Games Collection: Bewitched
GameHouse Games Collection: Big Kahuna Reef
GameHouse Games Collection: Boggle Supreme
GameHouse Games Collection: Bounce Out Blitz
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Chainz
GameHouse Games Collection: Chainz 2 - Relinked
GameHouse Games Collection: Charm Solitaire
GameHouse Games Collection: Charm Tale
GameHouse Games Collection: Chicktionary
GameHouse Games Collection: Chuzzle Deluxe
GameHouse Games Collection: Collapse! Crunch
GameHouse Games Collection: Combo Chaos!
GameHouse Games Collection: Crystal Path
GameHouse Games Collection: Cubis Gold 2
GameHouse Games Collection: Digby's Donuts
GameHouse Games Collection: Diner Dash
GameHouse Games Collection: Feeding Frenzy
GameHouse Games Collection: Fiber Twig
GameHouse Games Collection: Five Card Deluxe
GameHouse Games Collection: Flip Words
GameHouse Games Collection: Flying Leo
GameHouse Games Collection: Fortune Tiles Gold
GameHouse Games Collection: Fresco Wizard
GameHouse Games Collection: GameHouse Sudoku
GameHouse Games Collection: Gearz
GameHouse Games Collection: Granny in Paradise
GameHouse Games Collection: Gutterball
GameHouse Games Collection: Gutterball 2
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Hello!
GameHouse Games Collection: Holiday Express
GameHouse Games Collection: Iggle Pop!
GameHouse Games Collection: Incadia
GameHouse Games Collection: Incredible Ink
GameHouse Games Collection: Insaniquarium Deluxe
GameHouse Games Collection: Inspector Parker
GameHouse Games Collection: Invadazoid
GameHouse Games Collection: Jewel Quest
GameHouse Games Collection: Lemonade Tycoon
GameHouse Games Collection: Luxor
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Magic Ball 2
GameHouse Games Collection: Magic Ball 2 - New Worlds
GameHouse Games Collection: Magic Inlay
GameHouse Games Collection: Magic Vines
GameHouse Games Collection: Mah Jong Adventures
GameHouse Games Collection: Mah Jong Medley
GameHouse Games Collection: Mah Jong Quest
GameHouse Games Collection: Mahjong Garden To Go
GameHouse Games Collection: Mahjong Towers Eternity
GameHouse Games Collection: Maui Wowee
GameHouse Games Collection: Phlinx To Go
GameHouse Games Collection: Pin High Country Club Golf
GameHouse Games Collection: Pizza Frenzy
GameHouse Games Collection: Platypus
GameHouse Games Collection: Poker Superstars
GameHouse Games Collection: Puzzle Express
GameHouse Games Collection: Puzzle Inlay
GameHouse Games Collection: Puzzle Solitaire
GameHouse Games Collection: QBz
GameHouse Games Collection: Reader's Digest Super Word Power
GameHouse Games Collection: Ricochet
GameHouse Games Collection: Ricochet Lost Worlds
GameHouse Games Collection: Ricochet Lost Worlds - Recharged
GameHouse Games Collection: Roller Rush
GameHouse Games Collection: Saints & Sinners Bingo
GameHouse Games Collection: SCRABBLE
GameHouse Games Collection: Shape Shifter
GameHouse Games Collection: Slingo Deluxe
GameHouse Games Collection: Spelvin
GameHouse Games Collection: Splash
GameHouse Games Collection: Spring Sprang Sprung
GameHouse Games Collection: Super 5-Line Slots
GameHouse Games Collection: Super Blackjack!
GameHouse Games Collection: Super Bounce Out!
GameHouse Games Collection: Super Candy Cruncher
GameHouse Games Collection: Super Collapse!
GameHouse Games Collection: Super Collapse! II
GameHouse Games Collection: Super Collapse! II Platinum
GameHouse Games Collection: Super Fruit Frolic
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
GameHouse Games Collection: Super Gem Drop
GameHouse Games Collection: Super Glinx!
GameHouse Games Collection: Super Letter Linker
GameHouse Games Collection: Super Mah Jong Solitaire
GameHouse Games Collection: Super Nisqually
GameHouse Games Collection: Super PileUp!
GameHouse Games Collection: Super Pool
GameHouse Games Collection: Super Pop & Drop!
GameHouse Games Collection: Super Rumble Cube
GameHouse Games Collection: Super SpongeBob Collapse!
GameHouse Games Collection: Super TextTwist
GameHouse Games Collection: Super WHATword
GameHouse Games Collection: Super Wild Wild Words
GameHouse Games Collection: Tap a Jam
GameHouse Games Collection: Ten Pin Championship Bowling Pro
GameHouse Games Collection: Tennis Titans
GameHouse Games Collection: Tradewinds 2
GameHouse Games Collection: Trivia Machine
GameHouse Games Collection: Tropical Swaps
GameHouse Games Collection: Tumblebugs
GameHouse Games Collection: Turtle Bay
GameHouse Games Collection: Twistingo
GameHouse Games Collection: Ultimate Dominoes
GameHouse Games Collection: Varmintz Deluxe
GameHouse Games Collection: Walls of Jericho, The
GameHouse Games Collection: Wheel of Fortune
GameHouse Games Collection: Word Jolt
GameHouse Games Collection: Word Slinger
GameHouse Games Collection: WordJong To Go
GameHouse Games Collection: Zuma Deluxe
Gateway Games (Version: 1.0.0.80)
Gateway InfoCentre (Version: 3.02.3000)
Gateway Photo Frame 4.2.3.10 (Version: 4.2.3.10)
Gateway Recovery Management (Version: 4.05.3007)
Gateway Registration (Version: 1.02.3006)
Gateway ScreenSaver (Version: 1.1.0812)
Gateway Updater (Version: 1.02.3001)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.99)
H&R Block Deluxe + Efile + State 2010 (Version: 10.04.6402)
H&R Block Iowa 2010 (Version: 1.10.2701)
High-Definition Video Playback (Version: 11.1.10500.2.65)
Hotkey Utility (Version: 2.05.3001)
Hoyle Puzzle and Board Games 2011 (remove only)
HP Memories Disc (Version: 1.0.4.805)
HP Photo Creations (Version: 1.0.0.4281)
HP Software Update (Version: 1.0.18.20030627)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 3 (Version: 1.6.0.30)
Junk Mail filter update (Version: 14.0.8089.726)
Linksys EasyLink Advisor
Linksys EasyLink Advisor (Version: 3.11.9139.94)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee Total Protection (Version: 11.0.654)
MediaMonkey 4.0 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires Gold
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Namco Museum 50th Anniversary (Version: 1.00.0000)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 9 Essentials
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero ControlCenter (Version: 9.0.0.1)
Nero Core Components 11 (Version: 11.0.15600.1.17)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Kwik Media (Version: 1.10.24000.138.100)
Nero Kwik Media (Version: 11.0.16401)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
Nero Update (Version: 11.0.11500.28.0)
nero.prerequisites.msi (Version: 11.0.20008)
NeroExpress (Version: 9.4.33.100)
neroxml (Version: 1.0.0)
Norton Online Backup (Version: 1.2.0.36)
Octoshape add-in for Adobe Flash Player
Peggle Deluxe
Pet Vet 2
Philips Songbird (Version: 3.2.1667 (1667))
Photosmart 140,240,7200,7600,7700,7900 Series (Version: 2.0)
Picasa 3 (Version: 3.8)
Platinum Hide IP (Version: 2.1.1.6)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PSShortcuts (Version: 1.00.0000)
PSUsage (Version: 1.20.0000)
Pure Networks Platform (Version: 11.1.9051.0)
Puzzle and Board XP Championship (Version: 1.00.07.06.01)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.71.80.42)
Ralink RT2860 Wireless LAN Card (Version: 1.0.7.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Sansa Updater (Version: 1.301)
Save The Dinos 1.0 (Version: 1.0)
SpongeBob SquarePants Employee of the Month
SpongeBob SquarePants Obstacle Odyssey (remove only)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.1.64.g5c5914e3)
Tag&Rename 3.5.7 (Version: 3.5.7)
The Battle for Middle-earth ™
The Weather Channel Toolbar
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Virtual Vegas Slots Bonus (Version: 1.00.07.10.10)
VirtualCloneDrive
VIVA MEDIA GAME CENTER (Version: 1.2010.6.23)
VLC media player 1.1.2 (Version: 1.1.2)
WebEx Support Manager for Internet Explorer (Version: 6.5.47)
Welcome Center (Version: 1.00.3013)
Winamp (Version: 5.581 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
WinRAR archiver
WordPerfect Office 11 (Version: 11.0)
Xilisoft MKV Converter 6 (Version: 6.0.12.0914)
Xilisoft Video Converter Ultimate (Version: 7.0.0.1121)
Zimbra Desktop 1.0.4
Zoo Vet (remove only)
Zoo Vet 2 - Endangered Animals 1.00

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 6109.18 MB
Available physical RAM: 3882.14 MB
Total Pagefile: 12216.55 MB
Available Pagefile: 9702.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.3 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:917.74 GB) (Free:115 GB) NTFS

========================= Users: ========================================

User accounts for \\JEFF-PC

Administrator Guest Jeff


**** End of log ****

#6 narenxp


Posted 16 February 2012 - 10:43 PM

06:43:59.0748 4900 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Run TDSSKiller once again and make sure to select DELETE for the TDSS file system; do not skip it.

C:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.

Make sure to run Malwarebytes once and click on SHOW results.

Check mark the C:\Recycle.Bin (Trojan.Spyeyes) and click on REMOVE INFECTIONS.

Click on the QUARANTINE tab and click on DELETE ALL.

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#7 Vanatter


Posted 18 February 2012 - 05:25 PM

Thanks for your help. Hopefully this takes care of it. No links were clicked on to the best of my knowledge. Thanks again.

#8 narenxp


Posted 18 February 2012 - 06:46 PM

You're most welcome :)



