BSOD Issue.


12 replies to this topic

#1 Kuma-san

Kuma-san

  • Members
  • 17 posts

Posted 20 February 2012 - 01:37 AM

Hello.

I'm running Windows 7 Professional 64-bit and performed a Windows Update. It failed to complete when restarting and I started to get the BSOD. It boots up and starts to load the programs, but after about 30 seconds I get an "IRQL_NOT_LESS_OR_EQUAL_TO" error message at memory location 0x0000000A.

I have attached the dump files, only two were generated recently.

Any help would be appreciated. Thank you, BleepingComputer!

James


 


#2 Kuma-san


Posted 20 February 2012 - 01:38 AM

Also to add, I have the Google redirecting issue.

Edited by Kuma-san, 20 February 2012 - 01:38 AM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 20 February 2012 - 05:58 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#4 Kuma-san


Posted 20 February 2012 - 10:59 PM

18:32:39.0489 3020 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
18:32:39.0956 3020 ============================================================
18:32:39.0956 3020 Current date / time: 2012/02/20 18:32:39.0956
18:32:39.0956 3020 SystemInfo:
18:32:39.0956 3020
18:32:39.0956 3020 OS Version: 6.1.7601 ServicePack: 1.0
18:32:39.0956 3020 Product type: Workstation
18:32:39.0956 3020 ComputerName: JAMESDESKTOP-PC
18:32:39.0957 3020 UserName: JamesDesktop
18:32:39.0957 3020 Windows directory: C:\Windows
18:32:39.0957 3020 System windows directory: C:\Windows
18:32:39.0957 3020 Running under WOW64
18:32:39.0957 3020 Processor architecture: Intel x64
18:32:39.0957 3020 Number of processors: 2
18:32:39.0957 3020 Page size: 0x1000
18:32:39.0957 3020 Boot type: Safe boot with network
18:32:39.0957 3020 ============================================================
18:32:42.0262 3020 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
18:32:42.0262 3020 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:42.0265 3020 Drive \Device\Harddisk2\DR2 - Size: 0x776F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:32:42.0267 3020 \Device\Harddisk0\DR0:
18:32:42.0267 3020 MBR used
18:32:42.0267 3020 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:32:42.0267 3020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:32:42.0267 3020 \Device\Harddisk1\DR1:
18:32:42.0267 3020 MBR used
18:32:42.0267 3020 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
18:32:42.0267 3020 \Device\Harddisk2\DR2:
18:32:42.0267 3020 MBR used
18:32:42.0267 3020 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BB521
18:32:42.0283 3020 Initialize success
18:32:42.0283 3020 ============================================================
18:32:49.0272 0652 ============================================================
18:32:49.0272 0652 Scan started
18:32:49.0272 0652 Mode: Manual; TDLFS;
18:32:49.0272 0652 ============================================================
18:33:15.0948 0652 Serenum - ok
18:33:15.0960 0652 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:33:15.0962 0652 Serial - ok
18:33:15.0983 0652 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:33:15.0986 0652 sermouse - ok
18:33:16.0045 0652 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:33:16.0046 0652 sffdisk - ok
18:33:16.0118 0652 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:33:16.0121 0652 sffp_mmc - ok
18:33:16.0161 0652 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:33:16.0176 0652 sffp_sd - ok
18:33:16.0196 0652 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:33:16.0197 0652 sfloppy - ok
18:33:16.0274 0652 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:33:16.0311 0652 SiSRaid2 - ok
18:33:16.0558 0652 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:33:16.0597 0652 SiSRaid4 - ok
18:33:16.0747 0652 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:33:16.0755 0652 Smb - ok
18:33:16.0896 0652 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:33:16.0897 0652 spldr - ok
18:33:17.0077 0652 sptd (4c33f139236fd9bd14a920f60c1cb072) C:\Windows\system32\Drivers\sptd.sys
18:33:17.0077 0652 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 4c33f139236fd9bd14a920f60c1cb072
18:33:17.0080 0652 sptd ( LockedFile.Multi.Generic ) - warning
18:33:17.0080 0652 sptd - detected LockedFile.Multi.Generic (1)
18:33:21.0863 0652 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
18:33:21.0892 0652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:33:21.0892 0652 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:33:21.0926 0652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:33:21.0926 0652 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:33:21.0930 0652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
18:33:22.0016 0652 \Device\Harddisk1\DR1 - ok
18:33:22.0026 0652 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk2\DR2
18:33:22.0162 0652 \Device\Harddisk2\DR2 - ok
18:33:22.0197 0652 Boot (0x1200) (622744caa8b967dc300028b8ac3d13bc) \Device\Harddisk0\DR0\Partition0
18:33:22.0205 0652 \Device\Harddisk0\DR0\Partition0 - ok
18:33:22.0223 0652 Boot (0x1200) (ce1152ccf4f44b772d37caf63be84ce5) \Device\Harddisk0\DR0\Partition1
18:33:22.0226 0652 \Device\Harddisk0\DR0\Partition1 - ok
18:33:22.0233 0652 Boot (0x1200) (1456b3a2ae84a1d7282077a8a232310d) \Device\Harddisk1\DR1\Partition0
18:33:22.0235 0652 \Device\Harddisk1\DR1\Partition0 - ok
18:33:22.0240 0652 Boot (0x1200) (bc5040795b4f22139648b3eb7c06a126) \Device\Harddisk2\DR2\Partition0
18:33:22.0241 0652 \Device\Harddisk2\DR2\Partition0 - ok
18:33:22.0243 0652 ============================================================
18:33:22.0243 0652 Scan finished
18:33:22.0243 0652 ============================================================
18:33:22.0268 2484 Detected object count: 3
18:33:22.0268 2484 Actual detected object count: 3
18:33:58.0995 2484 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:33:58.0995 2484 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:33:59.0018 2484 \Device\Harddisk0\DR0\# - copied to quarantine
18:33:59.0018 2484 \Device\Harddisk0\DR0 - copied to quarantine
18:33:59.0044 2484 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:33:59.0046 2484 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
18:33:59.0049 2484 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
18:33:59.0052 2484 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
18:33:59.0062 2484 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
18:33:59.0068 2484 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
18:33:59.0069 2484 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
18:33:59.0070 2484 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
18:33:59.0072 2484 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
18:33:59.0073 2484 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
18:33:59.0076 2484 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
18:33:59.0077 2484 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
18:33:59.0119 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:33:59.0120 2484 \Device\Harddisk0\DR0 - ok
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip





aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 18:54:03
-----------------------------
18:54:03.424 OS Version: Windows x64 6.1.7601 Service Pack 1
18:54:03.424 Number of processors: 2 586 0x6B02
18:54:03.424 ComputerName: JAMESDESKTOP-PC UserName: JamesDesktop
18:54:07.559 Initialze error C000010E - driver not loaded
18:54:07.582 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
18:54:12.917 AVAST engine defs: 12022002
18:54:19.772 Service scanning
18:54:56.230 Modules scanning
18:54:56.235 Disk 0 trace - called modules:
18:54:56.240
18:54:58.972 AVAST engine scan C:\Windows
18:55:02.978 AVAST engine scan C:\Windows\system32
18:59:23.129 AVAST engine scan C:\Windows\system32\drivers
18:59:53.834 AVAST engine scan C:\Users\JamesDesktop
19:45:18.739 File: C:\Users\JamesDesktop\flash_Drive_backup\System\Apps\236C571E-47D6-4a73-AD5A-97F1E555E375\Exec\openoffice\program\uno.exe **INFECTED** Win32:Malware-gen
19:47:29.064 AVAST engine scan C:\ProgramData
19:49:35.732 Scan finished successfully
19:58:42.255 The log file has been saved successfully to "C:\Users\JamesDesktop\Desktop\aswMBR.txt"

#5 Kuma-san

Posted 21 February 2012 - 12:30 AM

Oops. Let me rescan with aswMBR. I'll get a new log after I get back in from work in a few hours.

#6 narenxp

Posted 21 February 2012 - 12:43 AM

After you get back from work:

Restart the PC and run TDSSKiller once again.

Make sure to DELETE the TDSS File System; do not skip it.

Now run aswMBR again and post the log.


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Select all the infections and REMOVE them.

Post the clean log.


Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.
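
Added example (not part of the original posts, and not TDSSKiller's own code): a small Python parser for the log format posted in this thread. It pairs each detection with the action the user selected and lists the detections left unremediated, which is the check post #6 makes by eye. The sample lines are copied from the log in this thread; the function names are hypothetical.

```python
import re
from collections import OrderedDict

# Lines copied from the TDSSKiller log posted in this thread (not a full log).
SAMPLE_LOG = r"""
18:33:17.0077 0652 sptd (4c33f139236fd9bd14a920f60c1cb072) C:\Windows\system32\Drivers\sptd.sys
18:33:17.0080 0652 sptd ( LockedFile.Multi.Generic ) - warning
18:33:17.0080 0652 sptd - detected LockedFile.Multi.Generic (1)
18:33:21.0892 0652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:33:21.0926 0652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:33:22.0016 0652 \Device\Harddisk1\DR1 - ok
18:33:58.0995 2484 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:33:58.0995 2484 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:33:59.0119 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:34:09.0166 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <object> ( <threat name> ) - <status>"
# The spaces inside the parentheses distinguish a detection line from a
# hash line such as "sptd (4c33...) C:\...", which must not match.
DETECTION = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<obj>.+?) \( (?P<threat>.+?) \) - (?P<status>.+)$"
)
ACTION_PREFIX = "User select action:"
VERDICTS = ("infected", "warning")


def parse_detections(log_text):
    """Return {(object, threat): {"verdict", "action", "notes"}} in log order."""
    findings = OrderedDict()
    for raw in log_text.splitlines():
        m = DETECTION.match(raw.strip())
        if not m:
            continue  # hash lines, "- ok" lines, banners, summaries
        key = (m["obj"], m["threat"])
        rec = findings.setdefault(
            key, {"verdict": None, "action": None, "notes": []}
        )
        status = m["status"].strip()
        if status.startswith(ACTION_PREFIX):
            # The last recorded selection is the one that was applied.
            rec["action"] = status[len(ACTION_PREFIX):].strip()
        elif status in VERDICTS:
            rec["verdict"] = status
        else:
            rec["notes"].append(status)  # e.g. "will be cured on reboot"
    return findings


def unresolved(findings):
    """Detections with no action recorded, or with the action 'Skip'."""
    return [
        key for key, rec in findings.items()
        if rec["action"] is None or rec["action"] == "Skip"
    ]


if __name__ == "__main__":
    results = parse_detections(SAMPLE_LOG)
    for (obj, threat), rec in results.items():
        print(f"{obj:28} {threat:28} {rec['verdict']:9} -> {rec['action']}")
    print("Still unresolved:")
    for obj, threat in unresolved(results):
        print(f"  {obj} ({threat})")
```

On the sample lines this reports the MBR infection as cured and both the `sptd` warning and the TDSS File System as skipped.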

#7 Kuma-san

Posted 21 February 2012 - 07:18 AM

02:15:34.0619 2044 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
02:15:35.0056 2044 ============================================================
02:15:35.0056 2044 Current date / time: 2012/02/21 02:15:35.0056
02:15:35.0056 2044 SystemInfo:
02:15:35.0056 2044
02:15:35.0056 2044 OS Version: 6.1.7601 ServicePack: 1.0
02:15:35.0056 2044 Product type: Workstation
02:15:35.0056 2044 ComputerName: JAMESDESKTOP-PC
02:15:35.0056 2044 UserName: JamesDesktop
02:15:35.0056 2044 Windows directory: C:\Windows
02:15:35.0056 2044 System windows directory: C:\Windows
02:15:35.0056 2044 Running under WOW64
02:15:35.0056 2044 Processor architecture: Intel x64
02:15:35.0056 2044 Number of processors: 2
02:15:35.0056 2044 Page size: 0x1000
02:15:35.0056 2044 Boot type: Safe boot with network
02:15:35.0056 2044 ============================================================
02:15:39.0518 2044 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
02:15:39.0564 2044 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:15:39.0596 2044 Drive \Device\Harddisk2\DR2 - Size: 0x776F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
02:15:39.0596 2044 \Device\Harddisk0\DR0:
02:15:39.0596 2044 MBR used
02:15:39.0596 2044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:15:39.0596 2044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
02:15:39.0596 2044 \Device\Harddisk1\DR1:
02:15:39.0596 2044 MBR used
02:15:39.0596 2044 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
02:15:39.0596 2044 \Device\Harddisk2\DR2:
02:15:39.0596 2044 MBR used
02:15:39.0596 2044 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BB521
02:15:39.0752 2044 Initialize success
02:15:39.0752 2044 ============================================================
02:15:44.0135 1808 ============================================================
02:15:44.0135 1808 Scan started
02:15:44.0135 1808 Mode: Manual; TDLFS;
02:15:44.0135 1808 ============================================================
02:16:10.0328 1808 iaStorV - ok
02:16:10.0624 1808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:16:10.0624 1808 iirsp - ok
02:16:11.0030 1808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
02:16:11.0030 1808 intelide - ok
02:16:11.0342 1808 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:16:11.0342 1808 intelppm - ok
02:16:12.0044 1808 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:16:12.0044 1808 IpFilterDriver - ok
02:16:12.0434 1808 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
02:16:12.0434 1808 IPMIDRV - ok
02:16:12.0839 1808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:16:12.0839 1808 IPNAT - ok
02:16:13.0292 1808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:16:13.0292 1808 IRENUM - ok
02:16:13.0666 1808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
02:16:13.0666 1808 isapnp - ok
02:16:14.0150 1808 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
02:16:14.0150 1808 iScsiPrt - ok
02:16:14.0540 1808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
02:16:14.0540 1808 kbdclass - ok
02:16:14.0992 1808 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
02:16:14.0992 1808 kbdhid - ok
02:16:15.0226 1808 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
02:16:15.0226 1808 KSecDD - ok
02:16:15.0616 1808 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
02:16:15.0616 1808 KSecPkg - ok
02:16:15.0990 1808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:16:15.0990 1808 ksthunk - ok
02:16:16.0412 1808 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:16:16.0412 1808 lltdio - ok
02:16:16.0864 1808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:16:16.0864 1808 LSI_FC - ok
02:16:17.0270 1808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:16:17.0270 1808 LSI_SAS - ok
02:16:17.0691 1808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:16:17.0691 1808 LSI_SAS2 - ok
02:16:18.0206 1808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:16:18.0206 1808 LSI_SCSI - ok
02:16:18.0674 1808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:16:18.0674 1808 luafv - ok
02:16:19.0032 1808 LVRS64 (ef2be2f45d4f06410a3bd2a3467325b0) C:\Windows\system32\DRIVERS\lvrs64.sys
02:16:19.0048 1808 LVRS64 - ok
02:16:19.0469 1808 LVUSBS64 (9761370ffb533cf6e4a7176f4baa3ba9) C:\Windows\system32\DRIVERS\LVUSBS64.sys
02:16:19.0469 1808 LVUSBS64 - ok
02:16:20.0670 1808 LVUVC64 (ac22f92c6078640fe8a70d662a2f3ad5) C:\Windows\system32\DRIVERS\lvuvc64.sys
02:16:20.0702 1808 LVUVC64 - ok
02:16:20.0936 1808 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
02:16:20.0936 1808 MBAMProtector - ok
02:16:21.0310 1808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:16:21.0326 1808 megasas - ok
02:16:21.0684 1808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:16:21.0684 1808 MegaSR - ok
02:16:21.0996 1808 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:16:21.0996 1808 Modem - ok
02:16:22.0527 1808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:16:22.0527 1808 monitor - ok
02:16:22.0792 1808 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
02:16:22.0792 1808 motandroidusb - ok
02:16:23.0151 1808 motccgp (c94a2ea3fdfa5d650884926b710b7db1) C:\Windows\system32\DRIVERS\motccgp.sys
02:16:23.0151 1808 motccgp - ok
02:16:23.0447 1808 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
02:16:23.0447 1808 motccgpfl - ok
02:16:23.0884 1808 motmodem (060f0ef84f430802df3788f3dcfd009c) C:\Windows\system32\DRIVERS\motmodem.sys
02:16:23.0884 1808 motmodem - ok
02:16:24.0243 1808 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
02:16:24.0243 1808 MotoSwitchService - ok
02:16:24.0555 1808 Motousbnet (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
02:16:24.0555 1808 Motousbnet - ok
02:16:24.0695 1808 motusbdevice (4244e427cda5f6485e74461b5b48a7b6) C:\Windows\system32\DRIVERS\motusbdevice.sys
02:16:24.0695 1808 motusbdevice - ok
02:16:25.0116 1808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
02:16:25.0116 1808 mouclass - ok
02:16:25.0288 1808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:16:25.0288 1808 mouhid - ok
02:16:25.0694 1808 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
02:16:25.0694 1808 mountmgr - ok
02:16:26.0068 1808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
02:16:26.0068 1808 MpFilter - ok
02:16:26.0598 1808 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
02:16:26.0598 1808 mpio - ok
02:16:26.0817 1808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
02:16:26.0817 1808 MpNWMon - ok
02:16:26.0988 1808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:16:26.0988 1808 mpsdrv - ok
02:16:27.0207 1808 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
02:16:27.0207 1808 MRxDAV - ok
02:16:27.0425 1808 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:16:27.0441 1808 mrxsmb - ok
02:16:27.0893 1808 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:16:27.0893 1808 mrxsmb10 - ok
02:16:28.0143 1808 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:16:28.0143 1808 mrxsmb20 - ok
02:16:28.0330 1808 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:16:28.0330 1808 msahci - ok
02:16:28.0580 1808 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:16:28.0580 1808 msdsm - ok
02:16:28.0845 1808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:16:28.0845 1808 Msfs - ok
02:16:29.0313 1808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:16:29.0313 1808 mshidkmdf - ok
02:16:29.0687 1808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:16:29.0687 1808 msisadrv - ok
02:16:30.0093 1808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:16:30.0093 1808 MSKSSRV - ok
02:16:30.0498 1808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:16:30.0498 1808 MSPCLOCK - ok
02:16:30.0857 1808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:16:30.0857 1808 MSPQM - ok
02:16:31.0232 1808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:16:31.0232 1808 MsRPC - ok
02:16:31.0559 1808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:16:31.0559 1808 mssmbios - ok
02:16:31.0746 1808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:16:31.0746 1808 MSTEE - ok
02:16:32.0090 1808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:16:32.0090 1808 MTConfig - ok
02:16:32.0277 1808 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
02:16:32.0277 1808 MTsensor - ok
02:16:32.0542 1808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:16:32.0542 1808 Mup - ok
02:16:32.0885 1808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:16:32.0885 1808 NativeWifiP - ok
02:16:33.0369 1808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:16:33.0369 1808 NDIS - ok
02:16:33.0852 1808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:16:33.0852 1808 NdisCap - ok
02:16:34.0118 1808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:16:34.0118 1808 NdisTapi - ok
02:16:34.0461 1808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:16:34.0461 1808 Ndisuio - ok
02:16:34.0866 1808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:16:34.0866 1808 NdisWan - ok
02:16:35.0038 1808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:16:35.0038 1808 NDProxy - ok
02:16:35.0506 1808 Neo_packet (7e7410989adb54f6a60be9919ad2c71d) C:\Windows\system32\DRIVERS\Neo_0114.sys
02:16:35.0506 1808 Neo_packet - ok
02:16:35.0771 1808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:16:35.0771 1808 NetBIOS - ok
02:16:36.0005 1808 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:16:36.0005 1808 NetBT - ok
02:16:36.0348 1808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:16:36.0348 1808 nfrd960 - ok
02:16:36.0754 1808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
02:16:36.0770 1808 NisDrv - ok
02:16:37.0175 1808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:16:37.0175 1808 Npfs - ok
02:16:37.0581 1808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:16:37.0581 1808 nsiproxy - ok
02:16:38.0189 1808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:16:38.0189 1808 Ntfs - ok
02:16:38.0720 1808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:16:38.0720 1808 Null - ok
02:16:39.0297 1808 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
02:16:39.0297 1808 NVENETFD - ok
02:16:39.0843 1808 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
02:16:39.0858 1808 NVHDA - ok
02:16:40.0280 1808 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys
02:16:40.0280 1808 NVNET - ok
02:16:40.0779 1808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:16:40.0779 1808 nvraid - ok
02:16:41.0184 1808 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\DRIVERS\nvsmu.sys
02:16:41.0184 1808 nvsmu - ok
02:16:41.0590 1808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:16:41.0606 1808 nvstor - ok
02:16:41.0996 1808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:16:41.0996 1808 nv_agp - ok
02:16:42.0401 1808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:16:42.0417 1808 ohci1394 - ok
02:16:42.0916 1808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:16:42.0916 1808 Parport - ok
02:16:43.0150 1808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
02:16:43.0166 1808 partmgr - ok
02:16:43.0415 1808 pbfilter (5418d3d8a2135c533f232e3c2b83f153) C:\Program Files\PeerBlock\pbfilter.sys
02:16:43.0415 1808 pbfilter - ok
02:16:43.0758 1808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:16:43.0758 1808 pci - ok
02:16:44.0008 1808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:16:44.0008 1808 pciide - ok
02:16:44.0320 1808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:16:44.0320 1808 pcmcia - ok
02:16:44.0788 1808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:16:44.0788 1808 pcw - ok
02:16:45.0287 1808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:16:45.0303 1808 PEAUTH - ok
02:16:45.0880 1808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:16:45.0880 1808 PptpMiniport - ok
02:16:46.0332 1808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:16:46.0332 1808 Processor - ok
02:16:47.0175 1808 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:16:47.0175 1808 Psched - ok
02:16:47.0565 1808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:16:47.0565 1808 ql2300 - ok
02:16:47.0861 1808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:16:47.0861 1808 ql40xx - ok
02:16:48.0080 1808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:16:48.0080 1808 QWAVEdrv - ok
02:16:48.0360 1808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:16:48.0360 1808 RasAcd - ok
02:16:48.0704 1808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:16:48.0704 1808 RasAgileVpn - ok
02:16:48.0860 1808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:16:48.0860 1808 Rasl2tp - ok
02:16:49.0109 1808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:16:49.0109 1808 RasPppoe - ok
02:16:49.0374 1808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:16:49.0374 1808 RasSstp - ok
02:16:49.0640 1808 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:16:49.0640 1808 rdbss - ok
02:16:49.0874 1808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:16:49.0874 1808 rdpbus - ok
02:16:50.0092 1808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:16:50.0092 1808 RDPCDD - ok
02:16:50.0295 1808 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
02:16:50.0295 1808 RDPDR - ok
02:16:50.0560 1808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:16:50.0560 1808 RDPENCDD - ok
02:16:50.0888 1808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:16:50.0888 1808 RDPREFMP - ok
02:16:51.0044 1808 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
02:16:51.0044 1808 RDPWD - ok
02:16:51.0278 1808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:16:51.0278 1808 rdyboost - ok
02:16:51.0543 1808 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
02:16:51.0543 1808 RFCOMM - ok
02:16:51.0746 1808 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
02:16:51.0746 1808 RimUsb - ok
02:16:51.0902 1808 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
02:16:51.0902 1808 RimVSerPort - ok
02:16:52.0136 1808 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
02:16:52.0136 1808 ROOTMODEM - ok
02:16:52.0448 1808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:16:52.0448 1808 rspndr - ok
02:16:52.0588 1808 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
02:16:52.0588 1808 s3cap - ok
02:16:52.0728 1808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:16:52.0728 1808 sbp2port - ok
02:16:53.0087 1808 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\Windows\system32\drivers\SCDEmu.sys
02:16:53.0087 1808 SCDEmu - ok
02:16:53.0321 1808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:16:53.0321 1808 scfilter - ok
02:16:53.0524 1808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:16:53.0524 1808 secdrv - ok
02:16:53.0727 1808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:16:53.0727 1808 Serenum - ok
02:16:53.0930 1808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:16:53.0930 1808 Serial - ok
02:16:54.0179 1808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:16:54.0179 1808 sermouse - ok
02:16:54.0398 1808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:16:54.0398 1808 sffdisk - ok
02:16:54.0585 1808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:16:54.0585 1808 sffp_mmc - ok
02:16:54.0819 1808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:16:54.0819 1808 sffp_sd - ok
02:16:55.0146 1808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:16:55.0146 1808 sfloppy - ok
02:16:55.0349 1808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:16:55.0349 1808 SiSRaid2 - ok
02:16:55.0505 1808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:16:55.0505 1808 SiSRaid4 - ok
02:16:55.0677 1808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:16:55.0692 1808 Smb - ok
02:16:55.0880 1808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:16:55.0880 1808 spldr - ok
02:16:55.0973 1808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:16:55.0973 1808 srv - ok
02:16:56.0067 1808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:16:56.0067 1808 srv2 - ok
02:16:56.0145 1808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:16:56.0145 1808 srvnet - ok
02:16:56.0254 1808 ssadbus (866f8212ef7e75bac8bca03331e30cb4) C:\Windows\system32\DRIVERS\ssadbus.sys
02:16:56.0254 1808 ssadbus - ok
02:16:56.0363 1808 ssadmdfl (73e2ba39e7eb024dc686412e2e924a74) C:\Windows\system32\DRIVERS\ssadmdfl.sys
02:16:56.0363 1808 ssadmdfl - ok
02:16:56.0472 1808 ssadmdm (74b032d6c1e36ae2f790752fde8ce055) C:\Windows\system32\DRIVERS\ssadmdm.sys
02:16:56.0472 1808 ssadmdm - ok
02:16:56.0582 1808 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
02:16:56.0582 1808 sscdbus - ok
02:16:56.0675 1808 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
02:16:56.0675 1808 sscdmdfl - ok
02:16:56.0769 1808 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
02:16:56.0769 1808 sscdmdm - ok
02:16:56.0878 1808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:16:56.0878 1808 stexstor - ok
02:16:56.0987 1808 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
02:16:56.0987 1808 storflt - ok
02:16:57.0050 1808 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
02:16:57.0065 1808 storvsc - ok
02:16:57.0143 1808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
02:16:57.0143 1808 swenum - ok
02:16:57.0252 1808 tapoas (927d0cdb3f96efc1e98fb1a2c9fb67ad) C:\Windows\system32\DRIVERS\tapoas.sys
02:16:57.0252 1808 tapoas - ok
02:16:57.0362 1808 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
02:16:57.0377 1808 Tcpip - ok
02:16:57.0502 1808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
02:16:57.0518 1808 TCPIP6 - ok
02:16:57.0564 1808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:16:57.0564 1808 tcpipreg - ok
02:16:57.0596 1808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:16:57.0596 1808 TDPIPE - ok
02:16:57.0611 1808 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
02:16:57.0611 1808 TDTCP - ok
02:16:57.0658 1808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:16:57.0658 1808 tdx - ok
02:16:57.0705 1808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
02:16:57.0705 1808 TermDD - ok
02:16:57.0752 1808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:16:57.0752 1808 tssecsrv - ok
02:16:57.0814 1808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:16:57.0814 1808 TsUsbFlt - ok
02:16:57.0876 1808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:16:57.0876 1808 tunnel - ok
02:16:57.0892 1808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:16:57.0892 1808 uagp35 - ok
02:16:57.0939 1808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:16:57.0939 1808 udfs - ok
02:16:57.0986 1808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:16:57.0986 1808 uliagpkx - ok
02:16:58.0032 1808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
02:16:58.0032 1808 umbus - ok
02:16:58.0079 1808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:16:58.0079 1808 UmPass - ok
02:16:58.0157 1808 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
02:16:58.0157 1808 USBAAPL64 - ok
02:16:58.0188 1808 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
02:16:58.0188 1808 usbaudio - ok
02:16:58.0235 1808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:16:58.0235 1808 usbccgp - ok
02:16:58.0282 1808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:16:58.0282 1808 usbcir - ok
02:16:58.0329 1808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
02:16:58.0329 1808 usbehci - ok
02:16:58.0344 1808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:16:58.0344 1808 usbhub - ok
02:16:58.0360 1808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
02:16:58.0360 1808 usbohci - ok
02:16:58.0438 1808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:16:58.0438 1808 usbprint - ok
02:16:58.0485 1808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:16:58.0485 1808 USBSTOR - ok
02:16:58.0500 1808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
02:16:58.0500 1808 usbuhci - ok
02:16:58.0547 1808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
02:16:58.0563 1808 usbvideo - ok
02:16:58.0610 1808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:16:58.0610 1808 vdrvroot - ok
02:16:58.0656 1808 vflt (70eb327d68d7cec357b734b0be5b4a21) C:\Windows\system32\DRIVERS\vfilter.sys
02:16:58.0656 1808 vflt - ok
02:16:58.0688 1808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:16:58.0688 1808 vga - ok
02:16:58.0703 1808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:16:58.0703 1808 VgaSave - ok
02:16:58.0734 1808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:16:58.0734 1808 vhdmp - ok
02:16:58.0781 1808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:16:58.0781 1808 viaide - ok
02:16:58.0812 1808 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
02:16:58.0812 1808 vmbus - ok
02:16:58.0844 1808 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
02:16:58.0844 1808 VMBusHID - ok
02:16:58.0890 1808 vnet (71bf90872b6a7b34a26f4794dda7aec3) C:\Windows\system32\DRIVERS\virtualnet.sys
02:16:58.0890 1808 vnet - ok
02:16:58.0937 1808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:16:58.0937 1808 volmgr - ok
02:16:58.0984 1808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:16:58.0984 1808 volmgrx - ok
02:16:59.0015 1808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:16:59.0031 1808 volsnap - ok
02:16:59.0078 1808 vpcbus (f004aeb456cd886dfdb123b6297d89c9) C:\Windows\system32\DRIVERS\vpchbus.sys
02:16:59.0078 1808 vpcbus - ok
02:16:59.0124 1808 vpcnfltr (a7fae0a70e7a6d7a9469a2bf0a1cac5f) C:\Windows\system32\DRIVERS\vpcnfltr.sys
02:16:59.0124 1808 vpcnfltr - ok
02:16:59.0171 1808 vpcusb (4cdf15ceaf71f068bd26b9841d4e3e2b) C:\Windows\system32\DRIVERS\vpcusb.sys
02:16:59.0171 1808 vpcusb - ok
02:16:59.0202 1808 vpcuxd (4574851fd70edd8476111f880dd66480) C:\Windows\system32\DRIVERS\vpcuxd.sys
02:16:59.0202 1808 vpcuxd - ok
02:16:59.0265 1808 vpcvmm (e7ea9e3fbf1b0f517584e03638511e86) C:\Windows\system32\drivers\vpcvmm.sys
02:16:59.0265 1808 vpcvmm - ok
02:16:59.0312 1808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:16:59.0312 1808 vsmraid - ok
02:16:59.0343 1808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
02:16:59.0343 1808 vwifibus - ok
02:16:59.0358 1808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
02:16:59.0358 1808 WacomPen - ok
02:16:59.0405 1808 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:16:59.0405 1808 WANARP - ok
02:16:59.0436 1808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:16:59.0436 1808 Wanarpv6 - ok
02:16:59.0468 1808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
02:16:59.0468 1808 Wd - ok
02:16:59.0499 1808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:16:59.0499 1808 Wdf01000 - ok
02:16:59.0530 1808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:16:59.0530 1808 WfpLwf - ok
02:16:59.0546 1808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:16:59.0546 1808 WIMMount - ok
02:16:59.0639 1808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
02:16:59.0639 1808 WinUsb - ok
02:16:59.0702 1808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
02:16:59.0702 1808 WmiAcpi - ok
02:16:59.0748 1808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:16:59.0748 1808 ws2ifsl - ok
02:16:59.0811 1808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
02:16:59.0811 1808 WudfPf - ok
02:16:59.0858 1808 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:16:59.0858 1808 WUDFRd - ok
02:16:59.0936 1808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
02:17:00.0029 1808 \Device\Harddisk0\DR0 - ok
02:17:00.0029 1808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
02:17:00.0060 1808 \Device\Harddisk1\DR1 - ok
02:17:00.0060 1808 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk2\DR2
02:17:00.0138 1808 \Device\Harddisk2\DR2 - ok
02:17:00.0138 1808 Boot (0x1200) (622744caa8b967dc300028b8ac3d13bc) \Device\Harddisk0\DR0\Partition0
02:17:00.0138 1808 \Device\Harddisk0\DR0\Partition0 - ok
02:17:00.0185 1808 Boot (0x1200) (ce1152ccf4f44b772d37caf63be84ce5) \Device\Harddisk0\DR0\Partition1
02:17:00.0185 1808 \Device\Harddisk0\DR0\Partition1 - ok
02:17:00.0201 1808 Boot (0x1200) (1456b3a2ae84a1d7282077a8a232310d) \Device\Harddisk1\DR1\Partition0
02:17:00.0201 1808 \Device\Harddisk1\DR1\Partition0 - ok
02:17:00.0201 1808 Boot (0x1200) (bc5040795b4f22139648b3eb7c06a126) \Device\Harddisk2\DR2\Partition0
02:17:00.0201 1808 \Device\Harddisk2\DR2\Partition0 - ok
02:17:00.0201 1808 ============================================================
02:17:00.0201 1808 Scan finished
02:17:00.0201 1808 ============================================================
02:17:00.0216 1788 Detected object count: 0
02:17:00.0216 1788 Actual detected object count: 0




aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-21 02:13:59
-----------------------------
02:13:59.225 OS Version: Windows x64 6.1.7601 Service Pack 1
02:13:59.225 Number of processors: 2 586 0x6B02
02:13:59.241 ComputerName: JAMESDESKTOP-PC UserName: JamesDesktop
02:14:16.307 Initialize success
02:16:46.442 AVAST engine defs: 12022100
02:17:26.799 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
02:17:26.799 Disk 0 Vendor: WDC_WD5000AAKS-22A7B0 01.03B01 Size: 476940MB BusType: 3
02:17:26.814 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-5
02:17:26.814 Disk 1 Vendor: ST2000DL003-9VT166 CC32 Size: 1907729MB BusType: 3
02:17:26.830 Disk 0 MBR read successfully
02:17:26.830 Disk 0 MBR scan
02:17:26.846 Disk 0 Windows 7 default MBR code
02:17:26.846 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
02:17:26.861 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
02:17:26.877 Service scanning
02:17:50.339 Modules scanning
02:17:50.339 Disk 0 trace - called modules:
02:17:50.355 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
02:17:50.870 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006bdf060]
02:17:50.870 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa8006aa9580]
02:17:50.870 5 ACPI.sys[fffff8800103a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8006aae060]
02:17:52.196 AVAST engine scan C:\Windows
02:17:55.097 AVAST engine scan C:\Windows\system32
02:20:44.326 AVAST engine scan C:\Windows\system32\drivers
02:21:00.644 AVAST engine scan C:\Users\JamesDesktop
02:41:55.903 File: C:\Users\JamesDesktop\flash_Drive_backup\System\Apps\236C571E-47D6-4a73-AD5A-97F1E555E375\Exec\openoffice\program\uno.exe **INFECTED** Win32:Malware-gen
02:43:38.122 AVAST engine scan C:\ProgramData
02:45:05.925 Scan finished successfully
02:45:17.015 Disk 0 MBR has been saved successfully to "C:\Users\JamesDesktop\Desktop\MBR.dat"
02:45:17.021 The log file has been saved successfully to "C:\Users\JamesDesktop\Desktop\aswMBR.txt"




Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.18.03

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
JamesDesktop :: JAMESDESKTOP-PC [administrator]

Protection: Disabled

2/21/2012 2:45:45 AM
mbam-log-2012-02-21 (02-45-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 551903
Time elapsed: 55 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|fFldlHRWjE.exe (Rogue.FakeHDD) -> Data: C:\ProgramData\fFldlHRWjE.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Internet Security (Backdoor.IRCBot) -> Data: C:\ProgramData\isecurity.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\ProgramData\fFldlHRWjE.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.302132754507397667f76.exe (Exploit.Drop.4) -> Quarantined and deleted successfully.
C:\ProgramData\isecurity.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.

(end)

#8 Kuma-san

Posted 21 February 2012 - 10:33 AM

C:\Users\JamesDesktop\AppData\Local\Temp\ICReinstall\cnet_md5_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\JamesDesktop\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Users\JamesDesktop\Documents\ImageConverter_Setup\ImageConverter_Setup3.14.exe Win32/Adware.RK application cleaned by deleting - quarantined
C:\Windows\Temp\BED1.tmp a variant of Win32/Kryptik.XCV trojan cleaned by deleting - quarantined

#9 narenxp

Posted 21 February 2012 - 11:29 AM

Please run MBAM once more and make sure it comes out clean

Click on QUARANTINE tab and DELETE ALL the infections

Press Windows+R key, type notepad and click OK

Copy the script:
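@echo off
rem Force-delete the file that the aswMBR scan flagged as infected
del /f /s /q "C:\Users\JamesDesktop\flash_Drive_backup\System\Apps\236C571E-47D6-4a73-AD5A-97F1E555E375\Exec\openoffice\program\uno.exe"
rem Remove this batch file itself; the quoted full path also works when the path contains spaces
del "%~f0"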

Save it as

Filename: Remove.bat
Save as type: all types


Run the BAT file

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#10 Kuma-san

Posted 21 February 2012 - 02:55 PM

MBAM came out clean.

Farbar Service Scanner Version: 14-02-2012
Ran by JamesDesktop (administrator) on 21-02-2012 at 11:50:42
Running from "C:\Users\JamesDesktop\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 18-01-2012
Ran by JamesDesktop (administrator) on 21-02-2012 at 11:52:56
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.147.16 www.google.com
94.63.147.17 www.bing.com


========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)
VPN Client Adapter - packet = packet - VPN Client (Hardware not present)
MAC Bridge Miniport = Network Bridge (Hardware not present)
TAP-Win32 Adapter OAS = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled dhcpmediasense=disabled
set interface interface="Local Area Connection* 9" forwarding=disabled advertise=disabled mtu=1380 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="packet - VPN Client" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection* 9" address=130.166.243.15 mask=255.255.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JamesDesktop-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter OAS
Physical Address. . . . . . . . . : 00-FF-34-80-FA-2F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-22-15-13-45-28
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c987:2c9f:3ad1:fd85%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.119(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, February 21, 2012 4:20:28 AM
Lease Expires . . . . . . . . . . : Wednesday, February 22, 2012 4:20:28 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889749
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-50-B1-D6-00-22-15-13-45-28
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6AD71002-3BF7-48DB-8727-2A51F3B3C600}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3480FA2F-7389-4695-B45A-C66E3D1C8352}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: unknown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.224.232
74.125.224.233
74.125.224.234
74.125.224.235
74.125.224.236
74.125.224.237
74.125.224.238
74.125.224.239
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231


Pinging google.com [74.125.224.231] with 32 bytes of data:
Reply from 74.125.224.231: bytes=32 time=22ms TTL=54
Reply from 74.125.224.231: bytes=32 time=13ms TTL=54

Ping statistics for 74.125.224.231:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 22ms, Average = 17ms
Server: unknown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=221ms TTL=47
Reply from 98.139.183.24: bytes=32 time=158ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 158ms, Maximum = 221ms, Average = 189ms
Server: unknown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...00 ff 34 80 fa 2f ......TAP-Win32 Adapter OAS
10...00 22 15 13 45 28 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.119 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.119 276
192.168.1.119 255.255.255.255 On-link 192.168.1.119 276
192.168.1.255 255.255.255.255 On-link 192.168.1.119 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.119 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.119 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::c987:2c9f:3ad1:fd85/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208] (NVIDIA)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/21/2012 04:27:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/21/2012 04:23:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/21/2012 03:45:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/21/2012 03:44:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/21/2012 03:44:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/21/2012 02:48:33 AM) (Source: PerfNet) (User: )
Description:

Error: (02/21/2012 02:42:34 AM) (Source: PerfNet) (User: )
Description:

Error: (02/21/2012 02:40:30 AM) (Source: PerfNet) (User: )
Description:

Error: (02/20/2012 06:39:22 PM) (Source: PerfNet) (User: )
Description:

Error: (02/20/2012 06:33:22 PM) (Source: PerfNet) (User: )
Description:


System errors:
=============
Error: (02/21/2012 11:51:19 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:51:19 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:51:19 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:51:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:51:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:51:01 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:48:53 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:48:53 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:48:53 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/21/2012 11:46:05 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
4Videosoft MKV Video Converter
7-Zip 4.65 (x64 edition) (Version: 4.65.00.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 9.4.5 (Version: 9.4.5)
AIM 7
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2011.1205.2215.39827)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
AMD VISION Engine Control Center (Version: 2011.1205.2215.39827)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
ASIO4ALL
AviSynth 2.5
Batch PSD to JPG (Version: 1.51)
Battlelog Web Plugins (Version: 0.80.0)
Best Free Image Converter 3.14
BIG-IP Edge Client Components (All Users) (Version: 70.2010.0611.2124)
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37)
BlackBerry Device Software Updater (Version: 5.0.1.65)
BlackBerry Device Software v5.0.0 for the BlackBerry 9550 smartphone (Version: 5.0.0.517 (Platform 4.2.0.250))
BlackBerry® Media Sync (Version: 2.0.27)
Bonjour (Version: 2.0.5.0)
Brother HL-2140 (Version: 1.00)
Cadence License Manager (Version: 10.8)
CameraHelperMsi (Version: 13.30.1395.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Collab
Conduit Engine (Version: 6.2.7.3)
Cool Edit Pro 2.0
CPUID CPU-Z 1.56
Crystal XI (Version: 1.0.0.0)
DivX Plus Web Player (Version: 2.0.0)
Download Updater (AOL LLC)
Dropbox (Version: 1.3.14)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.0)
Facebook Plug-In
ffdshow v1.1.3452 [2010-05-24] (Version: 1.1.3452.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
FL Studio 8
Google Chrome (Version: 16.0.912.77)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk (remove only)
Google Talk Plugin (Version: 2.6.1.5251)
Google Update Helper (Version: 1.3.21.99)
Haali Media Splitter
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
IL Download Manager
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
K-Lite Codec Pack 5.1.0 (Standard) (Version: 5.1.0)
Left 4 Dead 2 Demo
LightScribe System Software (Version: 1.18.8.1)
LightScribe Template Labeler (Version: 1.18.5.1)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.30.1346.0)
LWS Gallery (Version: 13.30.1379.0)
LWS Help_main (Version: 13.30.1396.0)
LWS Launcher (Version: 13.30.1379.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.30.1395.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.30.1379.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.30.1346.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MATLAB R2009a (Version: 7.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobile Mouse Server (Version: 2.5.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 10.0 (x86 en-US) (Version: 10.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.4)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7313)
Octoshape add-in for Adobe Flash Player
ooVoo (Version: 3.0.7008)
OpenVPN Client (Version: 1.5.6)
OPSWAT AntiVirus and Firewall Integration Libraries
Origin (Version: 8.2.6.475)
Oxelon Media Converter 1.1
Paint.NET v3.5.10 (Version: 3.60.0)
PCSX2 - Playstation 2 Emulator
PeerBlock 1.0+ (r484) (Version: 1.0.0.484)
Pidgin (Version: 2.7.2)
PoiZone
Portal
PowerISO (Version: 4.6)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.69.80.9)
Rainmeter
Raptr
Release OrCAD 16.0 (Version: 16.0)
RSDLite (Version: 5.5)
SAMSUNG PC Share Manager (Version: 4.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
SeaTools for Windows (Version: 1.2.0.5)
Shrew Soft VPN Client
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SopCast 3.4.0 (Version: 3.4.0)
Spotify (Version: 0.5.2)
StarCraft II (Version: 1.0.0.16117)
Steam (Version: 1.0.0.0)
Toxic Biohazard
Trillian
TurboTax 2010
TurboTax 2010 wcaiper (Version: 010.000.1393)
TurboTax 2010 wgaiper (Version: 010.000.1266)
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 wcaiper (Version: 011.000.1357)
TurboTax 2011 wgaiper (Version: 011.000.1443)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wrapper (Version: 011.000.0120)
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Veetle TV 0.9.18 (Version: 0.9.18)
Viewpoint Media Player
VLC media player 1.0.3 (Version: 1.0.3)
WebEx
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Mode (Version: 1.2.7235.0)
WinSCP 4.2.8 (Version: 4.2.8)
Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 7678.49 MB
Available physical RAM: 5604.41 MB
Total Pagefile: 15355.18 MB
Available Pagefile: 13753.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.36 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.66 GB) (Free:91.91 GB) NTFS
4 Drive f: (Slave Drive) (Fixed) (Total:1863.01 GB) (Free:1610.03 GB) NTFS
5 Drive g: (KINGSTON) (Removable) (Total:1.87 GB) (Free:1.85 GB) FAT

========================= Users: ========================================

User accounts for \\JAMESDESKTOP-PC

Administrator Guest JamesDesktop


**** End of log ****

#11 narenxp


Posted 21 February 2012 - 04:55 PM

Your HOSTS file has been hijacked

Download

http://go.microsoft.com/?linkid=9668866

Run the fixit

Download

Windows update FIX from here

http://support.microsoft.com/kb/971058

Run it


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Uninstall your Java update from Add or Remove Programs and download the latest from here

http://www.java.com/en/


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 Kuma-san


Posted 21 February 2012 - 09:18 PM

narenxp,

Once again, the BleepingComputer community has saved my computer. I really do appreciate the help. My computer is working perfectly now. THANK YOU!

#13 narenxp


Posted 21 February 2012 - 10:13 PM

You're most welcome :)



