
Alureon.H plus Google redirect via gamblingpuma.com...etc


25 replies to this topic

#1 scott here

scott here

  • Members
  • 16 posts

Posted 15 February 2012 - 09:42 AM

I'm hoping for some help here. Windows 7 64 bit
Problem started 2 nights ago, some programs started closing themselves. Next eve noticed Google being redirected via gamblingpuma.com to various random websites. After reboot Security Essentials started picking up various trojans, mostly Alureon.H and other Alureon variants. Seems to clean them... PC runs fine besides the Google redirect. Ran NPE, it cleaned it also... still comes back after reboot... tried TDSSKiller, no help. I've done all I can do without some help. This sucker is a bugger.

Other trojans / etc. were detected on different reboots, but most often it's this Alureon.H.

I did notice that anything I could find online thru searches for gamblingpuma.com also were posted in the last 2 days, wondering if this is something new (see links below)

http://www.bleepingcomputer.com/forums/topic442680.html

http://answers.yahoo.com/question/index?qid=20120214162839AAjWsWB

http://answers.microsoft.com/en-us/windows/forum/windows_other-security/gamblingpumacom-browser-hijacker/54b55469-9d30-4a63-92a9-3a7994974eea

Thanks for listening and any help you can provide



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,537 posts
  • Gender:Male
  • Location:NJ USA

Posted 15 February 2012 - 11:14 AM

Hello, I moved this to the Am I Infected forum.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>
Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#3 scott here

scott here
  • Topic Starter

  • Members
  • 16 posts

Posted 15 February 2012 - 09:46 PM

minitoolbox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Scott (administrator) on 15-02-2012 at 21:43:03
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Atheros AR5009 802.11a/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Scott-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-03-7F-8E-16-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5009 802.11a/g/n WiFi Adapter
Physical Address. . . . . . . . . : 00-03-7F-8E-16-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-57-DF-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c47e:76cf:425c:f63e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, February 15, 2012 6:33:59 PM
Lease Expires . . . . . . . . . . : Thursday, February 16, 2012 6:33:59 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890910
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-A0-2E-B2-00-26-9E-57-DD-D1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F7212564-7208-4EE8-9940-09F3208E7C0A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9BAB99C4-8953-4E74-8AF8-84517A3E90E9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3062:184e:b88d:6045(Preferred)
Link-local IPv6 Address . . . . . : fe80::3062:184e:b88d:6045%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F93EDB5A-0437-4FB0-AE65-C0D7F6B17378}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 72.14.204.113
72.14.204.102
72.14.204.138
72.14.204.100
72.14.204.101


Pinging google.com [72.14.204.101] with 32 bytes of data:
Reply from 72.14.204.101: bytes=32 time=337ms TTL=55
Reply from 72.14.204.101: bytes=32 time=287ms TTL=55

Ping statistics for 72.14.204.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 287ms, Maximum = 337ms, Average = 312ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
98.139.127.62


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=490ms TTL=56
Reply from 98.139.127.62: bytes=32 time=526ms TTL=56

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 490ms, Maximum = 526ms, Average = 508ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...06 03 7f 8e 16 29 ......Microsoft Virtual WiFi Miniport Adapter
12...00 03 7f 8e 16 29 ......Atheros AR5009 802.11a/g/n WiFi Adapter
11...00 26 9e 57 df a5 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.4 296
169.254.255.255 255.255.255.255 On-link 192.168.1.4 276
192.168.1.0 255.255.255.0 On-link 192.168.1.4 276
192.168.1.4 255.255.255.255 On-link 192.168.1.4 276
192.168.1.255 255.255.255.255 On-link 192.168.1.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:3062:184e:b88d:6045/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3062:184e:b88d:6045/128
On-link
11 276 fe80::c47e:76cf:425c:f63e/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193024] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/15/2012 09:37:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (02/15/2012 09:37:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (02/15/2012 06:42:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:42:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/15/2012 06:41:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (02/15/2012 08:08:06 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:59 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:52 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:45 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:38 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:31 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:24 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:17 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:11 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/15/2012 08:07:04 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (02/15/2012 09:37:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Desktop\esetsmartinstaller_enu.exe

Error: (02/15/2012 09:37:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2012 06:42:42 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:42:42 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:36 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:35 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:35 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/15/2012 06:41:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

µTorrent (Version: 2.0.3)
ACDSee Classic
Acrobat X Suite (Version: 1.0)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Captivate Quiz Results Analyzer (Version: 1.0)
Adobe Captivate Reviewer (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Media Player (Version: 1.8)
Adobe Presenter 7 (Version: 7.0)
Adobe Presenter 7 (Version: 7.0.6)
Adobe Reader 9.3.2 MUI (Version: 9.3.2)
AMD USB Filter Driver (Version: 1.0.10.84)
Atheros Driver Installation Program (Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.732.0)
AutoCAD 2006 - English (Version: 16.2.54.10)
Autodesk DWF Viewer (Version: 5.1)
AutoHook 2006 (Version: 1.00.0000)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 1.0.106)
BUFFALO INC. DISK FORMATTER
BUFFALO NAS Navigator2
BUFFALO Secure Lock Ware
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Common (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840)
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840)
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840)
ccc-core-static (Version: 2009.0702.1239.20840)
ccc-utility64 (Version: 2009.0702.1239.20840)
CCC Help Chinese Standard (Version: 2009.0702.1238.20840)
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840)
CCC Help Czech (Version: 2009.0702.1238.20840)
CCC Help Danish (Version: 2009.0702.1238.20840)
CCC Help Dutch (Version: 2009.0702.1238.20840)
CCC Help English (Version: 2009.0702.1238.20840)
CCC Help Finnish (Version: 2009.0702.1238.20840)
CCC Help French (Version: 2009.0702.1238.20840)
CCC Help German (Version: 2009.0702.1238.20840)
CCC Help Greek (Version: 2009.0702.1238.20840)
CCC Help Hungarian (Version: 2009.0702.1238.20840)
CCC Help Italian (Version: 2009.0702.1238.20840)
CCC Help Japanese (Version: 2009.0702.1238.20840)
CCC Help Korean (Version: 2009.0702.1238.20840)
CCC Help Norwegian (Version: 2009.0702.1238.20840)
CCC Help Polish (Version: 2009.0702.1238.20840)
CCC Help Portuguese (Version: 2009.0702.1238.20840)
CCC Help Russian (Version: 2009.0702.1238.20840)
CCC Help Spanish (Version: 2009.0702.1238.20840)
CCC Help Swedish (Version: 2009.0702.1238.20840)
CCC Help Thai (Version: 2009.0702.1238.20840)
CCC Help Turkish (Version: 2009.0702.1238.20840)
CCFile 3.31
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Cool Timer 3.7
Corel Paint Shop Pro Photo X2 (Version: 12.50.0001)
Corel VideoStudio 12 (Version: 12.0.0.0000)
CutePDF Writer 2.8
CyberLink DVD Suite (Version: 6.0.3101)
CyberLink Power2Go (Version: 6.0.3108a)
D3DX10 (Version: 15.4.2368.0902)
EASEUS Partition Master 6.5.2 Home Edition
EASEUS Partition Recovery 5.0.1
ENE CIR Receiver Driver (Version: 2.7.4.0)
Homepage Protection (Version: )
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.9652.3188)
HP Button Manager (Version: 1.6.0.0)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SlingPlayer (Version: 2.1.1.60)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP Quick Launch Buttons (Version: 6.50.3.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 4.3.1.2)
HP Update (Version: 5.001.000.014)
HP USB Disk Storage Format Tool
HP User Guides 0153 (Version: 1.01.0000)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.6)
IDT Audio (Version: 1.0.6225.0)
InfraRecorder 0.50 (x64 edition) (Version: 0.50.00.00)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
JMicron Flash Media Controller Driver (Version: 1.0.32.1)
Jukebox Arcade (Version: 1.3.00.7)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.1913)
LightScribe System Software (Version: 1.18.6.1)
LimeWire PRO 4.18.7 (Version: 4.18.7)
LSI HDA Modem (Version: 2.1.94)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Media Jukebox 14 (Version: 14)
Medieval CUE Splitter (Version: 1.2.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
mIRC (Version: 7.1)
Mozilla Firefox 10.0 (x86 en-US) (Version: 10.0)
Mp3tag v2.47b (Version: v2.47b)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NewsBin Pro (Version: 5.55)
Newsbin Pro (Version: 6.20)
NxS XFade control v0.7
OpenOffice.org 3.2 (Version: 3.2.9502)
PaltalkScene (Version: 10.0)
PDF Settings CS5 (Version: 10.0)
PhotoNow! (Version: 1.1.5615)
Power File Gold v.1
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.1.3.100)
Real Alternative 2.0.2 (Version: 2.0.2)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Synaptics Pointing Device Driver (Version: 13.2.4.12)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VideoStudio (Version: 12.0.0.0000)
Winamp (Version: 5.581 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Mobile Device Updater Component (Version: 04.07.1404.01)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Zune (Version: 04.07.1404.01)
Zune Language Pack (DEU) (Version: 04.07.1404.01)
Zune Language Pack (ESP) (Version: 04.07.1404.01)
Zune Language Pack (FRA) (Version: 04.07.1404.01)
Zune Language Pack (ITA) (Version: 04.07.1404.01)
Zune Language Pack (NLD) (Version: 04.07.1404.01)
Zune Language Pack (PTB) (Version: 04.07.1404.01)
Zune Language Pack (PTG) (Version: 04.07.1404.01)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 4092.2 MB
Available physical RAM: 2075.55 MB
Total Pagefile: 8182.54 MB
Available Pagefile: 5743.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.08 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:282.46 GB) (Free:140.87 GB) NTFS
2 Drive d: (HP_PAVILION) (Fixed) (Total:298.09 GB) (Free:95.01 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:15.33 GB) (Free:2.43 GB) NTFS
5 Drive u: (Media) (Network) (Total:923.76 GB) (Free:496.99 GB) NTFS
6 Drive v: (Music_Video) (Network) (Total:917.07 GB) (Free:246.78 GB) NTFS
7 Drive w: (Media) (Network) (Total:923.76 GB) (Free:496.99 GB) NTFS
8 Drive y: (Movies) (Network) (Total:917.07 GB) (Free:246.78 GB) NTFS
9 Drive z: (Media) (Network) (Total:923.76 GB) (Free:496.99 GB) NTFS

========================= Users: ========================================

User accounts for \\SCOTT-PC

Administrator Guest Scott


**** End of log ****

#4 scott here

Posted 15 February 2012 - 09:52 PM

21:47:23.0301 2372 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
21:47:24.0511 2372 ============================================================
21:47:24.0511 2372 Current date / time: 2012/02/15 21:47:24.0511
21:47:24.0511 2372 SystemInfo:
21:47:24.0511 2372
21:47:24.0511 2372 OS Version: 6.1.7600 ServicePack: 0.0
21:47:24.0511 2372 Product type: Workstation
21:47:24.0511 2372 ComputerName: SCOTT-PC
21:47:24.0512 2372 UserName: Scott
21:47:24.0512 2372 Windows directory: C:\Windows
21:47:24.0512 2372 System windows directory: C:\Windows
21:47:24.0512 2372 Running under WOW64
21:47:24.0512 2372 Processor architecture: Intel x64
21:47:24.0512 2372 Number of processors: 2
21:47:24.0512 2372 Page size: 0x1000
21:47:24.0512 2372 Boot type: Normal boot
21:47:24.0512 2372 ============================================================
21:47:25.0630 2372 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:47:25.0641 2372 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:47:25.0647 2372 \Device\Harddisk0\DR0:
21:47:25.0647 2372 MBR used
21:47:25.0647 2372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63000
21:47:25.0647 2372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x63800, BlocksNum 0x234EC800
21:47:25.0647 2372 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23550000, BlocksNum 0x1EAA000
21:47:25.0648 2372 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xE, StartLBA 0x253FA000, BlocksNum 0x342B0
21:47:25.0648 2372 \Device\Harddisk1\DR1:
21:47:25.0648 2372 MBR used
21:47:25.0648 2372 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
21:47:25.0738 2372 Initialize success
21:47:25.0738 2372 ============================================================
21:47:53.0998 4780 ============================================================
21:47:53.0999 4780 Scan started
21:47:53.0999 4780 Mode: Manual; TDLFS;
21:47:53.0999 4780 ============================================================
21:48:03.0045 4780 sbp2port - ok
21:48:03.0065 4780 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
21:48:03.0066 4780 scfilter - ok
21:48:03.0110 4780 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys
21:48:03.0124 4780 sdbus - ok
21:48:03.0152 4780 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:48:03.0154 4780 secdrv - ok
21:48:03.0195 4780 SecureLockWare_EncryptFilterDriver - ok
21:48:03.0206 4780 SecureLockWare_EncryptFilterDriver2 - ok
21:48:03.0240 4780 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:48:03.0241 4780 Serenum - ok
21:48:03.0262 4780 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:48:03.0264 4780 Serial - ok
21:48:03.0284 4780 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:48:03.0286 4780 sermouse - ok
21:48:03.0330 4780 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:48:03.0341 4780 sffdisk - ok
21:48:03.0362 4780 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:48:03.0382 4780 sffp_mmc - ok
21:48:03.0422 4780 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
21:48:03.0432 4780 sffp_sd - ok
21:48:03.0453 4780 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:48:03.0454 4780 sfloppy - ok
21:48:03.0501 4780 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:48:03.0503 4780 SiSRaid2 - ok
21:48:03.0546 4780 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:48:03.0548 4780 SiSRaid4 - ok
21:48:03.0570 4780 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:48:03.0572 4780 Smb - ok
21:48:03.0595 4780 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:48:03.0596 4780 spldr - ok
21:48:03.0659 4780 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
21:48:03.0665 4780 srv - ok
21:48:03.0682 4780 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
21:48:03.0688 4780 srv2 - ok
21:48:03.0708 4780 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:48:03.0711 4780 SrvHsfHDA - ok
21:48:03.0759 4780 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:48:03.0794 4780 SrvHsfV92 - ok
21:48:03.0827 4780 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:48:03.0842 4780 SrvHsfWinac - ok
21:48:03.0865 4780 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
21:48:03.0867 4780 srvnet - ok
21:48:03.0931 4780 ssecbus (78a4d20187b5c241c70aa8e9573b3a6c) C:\Windows\system32\DRIVERS\ssecbus.sys
21:48:03.0936 4780 ssecbus - ok
21:48:03.0997 4780 ssecmdfl (6f65ffe86d515014e29fff44dbbfa49a) C:\Windows\system32\DRIVERS\ssecmdfl.sys
21:48:04.0000 4780 ssecmdfl - ok
21:48:04.0049 4780 ssecmdm (f4db6272044f0023c5ba1e17dcc4bd5a) C:\Windows\system32\DRIVERS\ssecmdm.sys
21:48:04.0055 4780 ssecmdm - ok
21:48:04.0101 4780 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:48:04.0104 4780 stexstor - ok
21:48:04.0144 4780 STHDA (ed1722f43ce61409ef68340402d6267d) C:\Windows\system32\DRIVERS\stwrt64.sys
21:48:04.0158 4780 STHDA - ok
21:48:04.0203 4780 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:48:04.0205 4780 swenum - ok
21:48:04.0246 4780 SynTP (929c9fa0b18ad2ebc8340591c4bf00ff) C:\Windows\system32\DRIVERS\SynTP.sys
21:48:04.0250 4780 SynTP - ok
21:48:04.0354 4780 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
21:48:04.0418 4780 Tcpip - ok
21:48:04.0470 4780 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
21:48:04.0485 4780 TCPIP6 - ok
21:48:04.0528 4780 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
21:48:04.0531 4780 tcpipreg - ok
21:48:04.0556 4780 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:48:04.0558 4780 TDPIPE - ok
21:48:04.0577 4780 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:48:04.0579 4780 TDTCP - ok
21:48:04.0603 4780 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
21:48:04.0606 4780 tdx - ok
21:48:04.0622 4780 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
21:48:04.0625 4780 TermDD - ok
21:48:04.0669 4780 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
21:48:04.0686 4780 TFsExDisk - ok
21:48:04.0724 4780 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:48:04.0726 4780 tssecsrv - ok
21:48:04.0748 4780 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
21:48:04.0750 4780 tunnel - ok
21:48:04.0766 4780 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:48:04.0768 4780 uagp35 - ok
21:48:04.0792 4780 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
21:48:04.0797 4780 udfs - ok
21:48:04.0823 4780 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
21:48:04.0825 4780 uliagpkx - ok
21:48:04.0864 4780 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
21:48:04.0875 4780 umbus - ok
21:48:04.0893 4780 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:48:04.0894 4780 UmPass - ok
21:48:04.0943 4780 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
21:48:04.0947 4780 usbccgp - ok
21:48:04.0975 4780 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
21:48:04.0980 4780 usbcir - ok
21:48:05.0027 4780 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
21:48:05.0030 4780 usbehci - ok
21:48:05.0081 4780 usbfilter (44d9c773febff10593b50ddfc2d6bc27) C:\Windows\system32\DRIVERS\usbfilter.sys
21:48:05.0084 4780 usbfilter - ok
21:48:05.0131 4780 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
21:48:05.0137 4780 usbhub - ok
21:48:05.0175 4780 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
21:48:05.0177 4780 usbohci - ok
21:48:05.0192 4780 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:48:05.0194 4780 usbprint - ok
21:48:05.0238 4780 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:48:05.0240 4780 USBSTOR - ok
21:48:05.0282 4780 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
21:48:05.0286 4780 usbuhci - ok
21:48:05.0327 4780 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
21:48:05.0331 4780 usbvideo - ok
21:48:05.0369 4780 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
21:48:05.0371 4780 vdrvroot - ok
21:48:05.0393 4780 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:48:05.0395 4780 vga - ok
21:48:05.0411 4780 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:48:05.0412 4780 VgaSave - ok
21:48:05.0431 4780 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
21:48:05.0435 4780 vhdmp - ok
21:48:05.0452 4780 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
21:48:05.0453 4780 viaide - ok
21:48:05.0473 4780 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
21:48:05.0475 4780 volmgr - ok
21:48:05.0541 4780 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
21:48:05.0558 4780 volmgrx - ok
21:48:05.0587 4780 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
21:48:05.0604 4780 volsnap - ok
21:48:05.0629 4780 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:48:05.0635 4780 vsmraid - ok
21:48:05.0659 4780 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:48:05.0661 4780 vwifibus - ok
21:48:05.0677 4780 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:48:05.0679 4780 vwififlt - ok
21:48:05.0714 4780 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
21:48:05.0716 4780 vwifimp - ok
21:48:05.0741 4780 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:48:05.0742 4780 WacomPen - ok
21:48:05.0761 4780 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:48:05.0763 4780 WANARP - ok
21:48:05.0767 4780 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:48:05.0769 4780 Wanarpv6 - ok
21:48:05.0819 4780 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:48:05.0820 4780 Wd - ok
21:48:05.0877 4780 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
21:48:05.0880 4780 WDC_SAM - ok
21:48:05.0915 4780 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:48:05.0933 4780 Wdf01000 - ok
21:48:05.0972 4780 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:48:05.0973 4780 WfpLwf - ok
21:48:05.0989 4780 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:48:05.0991 4780 WIMMount - ok
21:48:06.0044 4780 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
21:48:06.0046 4780 WinUSB - ok
21:48:06.0088 4780 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:48:06.0090 4780 WmiAcpi - ok
21:48:06.0142 4780 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:48:06.0144 4780 ws2ifsl - ok
21:48:06.0191 4780 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
21:48:06.0193 4780 WudfPf - ok
21:48:06.0218 4780 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:48:06.0222 4780 WUDFRd - ok
21:48:06.0262 4780 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
21:48:06.0267 4780 yukonw7 - ok
21:48:06.0369 4780 {55662437-DA8C-40c0-AADA-2C816A897A49} (74983addca2d9618512c088d856d6615) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:48:06.0374 4780 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:48:06.0403 4780 MBR (0x1B8) (79f691cf4d552c674b9b689de709323e) \Device\Harddisk0\DR0
21:48:06.0496 4780 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:48:06.0496 4780 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:48:06.0537 4780 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
21:48:06.0640 4780 \Device\Harddisk1\DR1 - ok
21:48:06.0672 4780 Boot (0x1200) (c34e8af795f8ac70a80302e6eb582ca2) \Device\Harddisk0\DR0\Partition0
21:48:06.0674 4780 \Device\Harddisk0\DR0\Partition0 - ok
21:48:06.0680 4780 Boot (0x1200) (e32b494a06225f9fdf006ae5b52d8c6d) \Device\Harddisk0\DR0\Partition1
21:48:06.0681 4780 \Device\Harddisk0\DR0\Partition1 - ok
21:48:06.0710 4780 Boot (0x1200) (eec58bb75a35c5f0d7185260e2be749c) \Device\Harddisk0\DR0\Partition2
21:48:06.0711 4780 \Device\Harddisk0\DR0\Partition2 - ok
21:48:06.0730 4780 Boot (0x1200) (ccca4e608f6b824faa8693e15caa6732) \Device\Harddisk0\DR0\Partition3
21:48:06.0731 4780 \Device\Harddisk0\DR0\Partition3 - ok
21:48:06.0735 4780 Boot (0x1200) (66abf59e876cea1e02af36a0c19e3ec7) \Device\Harddisk1\DR1\Partition0
21:48:06.0737 4780 \Device\Harddisk1\DR1\Partition0 - ok
21:48:06.0739 4780 ============================================================
21:48:06.0739 4780 Scan finished
21:48:06.0739 4780 ============================================================
21:48:06.0753 3368 Detected object count: 1
21:48:06.0753 3368 Actual detected object count: 1
21:49:34.0256 3368 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:49:34.0256 3368 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#5 boopme

Posted 15 February 2012 - 10:06 PM

OK, let's try a couple more as it's not there.

As these can be exploitable malware entry points remove these..
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 31 (Version: 6.0.310)

Adobe Reader 9.3.2 MUI (Version: 9.3.2) then
Update to Adobe Reader X (10.1.0)
Note: uncheck the box so you do not install the toolbar, unless you really want it..

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional





Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

><><><><><><><><><
BOOTKIT REMOVER
Download Bootkit Remover to your Desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.


Let's also do a FULL MBAM scan.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1 <<<== Use this one first.
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform FULL Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#6 scott here

Posted 15 February 2012 - 10:15 PM

aswmbr found some things......i did not tell it to fix them.......should i?



aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-15 21:54:28
-----------------------------
21:54:28.132 OS Version: Windows x64 6.1.7600
21:54:28.133 Number of processors: 2 586 0x602
21:54:28.135 ComputerName: SCOTT-PC UserName: Scott
21:54:29.296 Initialize success
22:00:34.224 AVAST engine defs: 12021501
22:05:15.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:05:15.427 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
22:05:15.430 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
22:05:15.432 Disk 1 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
22:05:15.468 Disk 0 MBR read successfully
22:05:15.471 Disk 0 MBR scan
22:05:15.553 Disk 0 unknown MBR code
22:05:15.563 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 198 MB offset 2048
22:05:15.604 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289241 MB offset 407552
22:05:15.667 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15700 MB offset 592773120
22:05:15.713 Disk 0 Partition 4 00 0E FAT16 LBA MSWIN4.1 104 MB offset 624926720
22:05:15.725 Service scanning
22:05:16.568 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
22:05:17.240 Modules scanning
22:05:17.259 Disk 0 trace - called modules:
22:05:17.278 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:05:17.294 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004682710]
22:05:17.306 3 CLASSPNP.SYS[fffff8800105b43f] -> nt!IofCallDriver -> [0xfffffa8004681550]
22:05:17.315 5 hpdskflt.sys[fffff88001e57289] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004601060]
22:05:18.531 AVAST engine scan C:\Windows
22:05:23.065 AVAST engine scan C:\Windows\system32
22:08:27.309 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
22:10:22.331 AVAST engine scan C:\Windows\system32\drivers
22:10:42.143 AVAST engine scan C:\Users\Scott
22:12:46.026 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
22:12:46.041 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR.txt"

#7 boopme

Posted 15 February 2012 - 10:17 PM

Yes, fix it and rerun it.

#8 scott here

Posted 15 February 2012 - 10:18 PM

should i still run eset? if so....should i have it remove threats?

#9 boopme

Posted 15 February 2012 - 10:24 PM

Yes, it looks for different malware, and remove whatever it finds except for a Bamital infection. Removing that will kill the PC.

#10 scott here

Posted 15 February 2012 - 10:31 PM

aswmbr seems to be hung up on scanning appdata\local\hewletpackard...etc

is it normal for it to hang there.....hard drive light is still active

#11 boopme

Posted 15 February 2012 - 10:41 PM

Give it like 20 mins. Sometimes reading and rewriting take a while.

You may also have to reboot and reboot again.

#12 scott here

Posted 15 February 2012 - 10:45 PM

it shows the option to fixmbr......but it is still hung....light flashing

I haven't fixed anything yet. Also is it very safe to run the fix? I'd hate to have this thing not boot up afterward

#13 scott here

Posted 15 February 2012 - 10:47 PM

it did move to another appdata folder....so it's still running. I don't think I let it finish the 1st time I ran it and posted the log for u

#14 boopme

Posted 15 February 2012 - 10:55 PM

Let it run.. Don't panic, we can get it back. I have to leave shortly so I will probably look back tomorrow.

#15 scott here

Posted 16 February 2012 - 07:05 PM

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-15 22:18:45
-----------------------------
22:18:45.853 OS Version: Windows x64 6.1.7600
22:18:45.853 Number of processors: 2 586 0x602
22:18:45.854 ComputerName: SCOTT-PC UserName: Scott
22:18:47.068 Initialize success
22:18:51.457 AVAST engine defs: 12021501
22:19:02.029 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:19:02.031 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
22:19:02.034 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
22:19:02.036 Disk 1 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
22:19:02.056 Disk 0 MBR read successfully
22:19:02.059 Disk 0 MBR scan
22:19:02.066 Disk 0 unknown MBR code
22:19:02.076 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 198 MB offset 2048
22:19:02.104 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289241 MB offset 407552
22:19:02.138 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15700 MB offset 592773120
22:19:02.159 Disk 0 Partition 4 00 0E FAT16 LBA MSWIN4.1 104 MB offset 624926720
22:19:02.173 Service scanning
22:19:03.124 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
22:19:03.740 Modules scanning
22:19:03.759 Disk 0 trace - called modules:
22:19:03.790 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:19:03.805 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004682710]
22:19:03.821 3 CLASSPNP.SYS[fffff8800105b43f] -> nt!IofCallDriver -> [0xfffffa8004681550]
22:19:03.834 5 hpdskflt.sys[fffff88001e57289] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004601060]
22:19:05.232 AVAST engine scan C:\Windows
22:19:11.188 AVAST engine scan C:\Windows\system32
22:21:49.396 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
22:23:22.137 AVAST engine scan C:\Windows\system32\drivers
22:23:37.294 AVAST engine scan C:\Users\Scott
23:04:28.095 AVAST engine scan C:\ProgramData
23:17:06.132 Scan finished successfully
23:19:53.495 Verifying
23:20:03.541 Disk 0 Windows 601 MBR fixed successfully
23:20:42.026 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
23:20:42.120 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR.txt"

eset scan


C:\TDSSKiller_Quarantine\15.02.2012_00.19.56\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.02.2012_00.19.56\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.02.2012_00.19.56\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
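
An added example, not part of any post in this thread: a short Python triage of the two log layouts posted above, run over lines excerpted from those logs. The function names, the way the two layouts are told apart, and the rule that a finding stays "open" until a later line reports a fix are assumptions of this sketch, not behaviour of TDSSKiller or aswMBR.

```python
import re

# Lines excerpted from the TDSSKiller and aswMBR logs posted in this thread.
SAMPLE_LOG = r"""
21:48:06.0403 4780 MBR (0x1B8) (79f691cf4d552c674b9b689de709323e) \Device\Harddisk0\DR0
21:48:06.0496 4780 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:49:34.0256 3368 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:19:02.066 Disk 0 unknown MBR code
22:19:03.124 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
22:21:49.396 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
23:17:06.132 Scan finished successfully
23:20:03.541 Disk 0 Windows 601 MBR fixed successfully
"""

# Assumption: a four-digit fraction followed by a thread id is the TDSSKiller
# layout; a three-digit fraction with no thread id is the aswMBR layout.
TDSS_LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4})\s+(\d+)\s+(.*)$")
ASW_LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{3})\s+(.*)$")

# Message patterns taken from the wording of the posted logs.
RULES = [
    ("tdss_fs_detected",
     re.compile(r"^(?P<target>\\Device\\\S+) - detected TDSS File System")),
    ("tdss_fs_skipped",
     re.compile(r"^(?P<target>\\Device\\\S+) \( TDSS File System \) - User select action: Skip")),
    ("mbr_unknown", re.compile(r"^Disk (?P<target>\d+) unknown MBR code")),
    ("mbr_fixed", re.compile(r"^Disk (?P<target>\d+) .*MBR fixed successfully")),
    ("file_infected",
     re.compile(r"^File: (?P<target>.+?) \*\*INFECTED\*\* (?P<detail>.+)$")),
]


def split_line(line):
    """Return (tool, timestamp, message), or None for lines in neither layout."""
    m = TDSS_LINE.match(line)
    if m:
        return "TDSSKiller", m.group(1), m.group(3)
    m = ASW_LINE.match(line)
    if m:
        return "aswMBR", m.group(1), m.group(2)
    return None


def parse_events(log_text):
    """Extract the lines that report a detection or an action, in log order."""
    events = []
    for raw in log_text.splitlines():
        parts = split_line(raw.strip())
        if parts is None:
            continue
        tool, ts, msg = parts
        for kind, pattern in RULES:
            m = pattern.search(msg)
            if m:
                event = {"tool": tool, "time": ts, "kind": kind}
                event.update(m.groupdict())
                events.append(event)
                break
    return events


def open_findings(events):
    """Return detections for which no later line in the logs reports a fix."""
    open_items = []
    for i, ev in enumerate(events):
        later = events[i + 1:]
        if ev["kind"] == "mbr_unknown":
            fixed = any(e["kind"] == "mbr_fixed" and e["target"] == ev["target"]
                        for e in later)
            if not fixed:
                open_items.append(ev)
        elif ev["kind"] == "tdss_fs_detected":
            # The only action these logs record for this object is "Skip".
            skipped = any(e["kind"] == "tdss_fs_skipped"
                          and e["target"] == ev["target"] for e in later)
            open_items.append(dict(ev, skipped=skipped))
        elif ev["kind"] == "file_infected":
            # aswMBR reports the file; the logs show no removal line for it.
            open_items.append(ev)
    return open_items


if __name__ == "__main__":
    for item in open_findings(parse_events(SAMPLE_LOG)):
        print(item)
```

On the excerpt, the unknown MBR code on disk 0 is closed by the later "MBR fixed successfully" line, while the skipped TDSS File System object and the Desktop.ini detection remain open.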



