
Nasty Viruses wont go away


31 replies to this topic

#1 iyaayashua

iyaayashua

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 21 February 2012 - 03:44 PM

I have a number of viruses and probably more that I don't even know about. At first I had a virus that would run a program to get me to buy a virus software. I downloaded Spybot and everything ran great for about 2 months. Recently, within the past 1 month, I have had a virus on every boot up. First, I downloaded ComboFix and followed the instructions on this website in a forum post and it worked OK for a few days. Today I logged onto my computer and had a new virus posted up. One of them is iSecurity and another is Windows Malicious Software Removal Tool (assuming a fake one). I downloaded Malwarebytes and ran it in safe mode and it detected 7 viruses and I deleted them all. I logged back into normal mode and Windows Malicious Software Removal Tool popped back up and instantly my computer went into blue screen and cut off. Can anyone help me with this? I am currently in safe mode with networking and it is running fine.



#2 iyaayashua


Posted 21 February 2012 - 03:51 PM

Also every time I log onto a page on the internet a little blip before the site loads says something about ninjaa...not sure if that helps

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:42 PM

Posted 21 February 2012 - 04:58 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#4 iyaayashua


Posted 21 February 2012 - 05:08 PM

I have a 64-bit OS so what do I do with the second step...I am running Windows 7 Ultimate

#5 narenxp


Posted 21 February 2012 - 05:10 PM

Skip the second one :thumbup2:

#6 iyaayashua


Posted 21 February 2012 - 05:16 PM

Cool...I'll post the logs after this Malwarebytes scan...I got it to log on with running the spamware so I'm doing a full scan then I'll post the logs...Thank you very much for this

#7 narenxp


Posted 21 February 2012 - 06:04 PM

:thumbup2:

#8 iyaayashua


Posted 22 February 2012 - 04:38 PM

TDSS Killer

15:36:59.0809 6252 swenum - ok
15:37:00.0009 6252 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
15:37:00.0019 6252 SymDS - ok
15:37:00.0129 6252 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
15:37:00.0139 6252 SymEFA - ok
15:37:00.0269 6252 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:37:00.0269 6252 SymEvent - ok
15:37:00.0299 6252 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
15:37:00.0299 6252 SymIRON - ok
15:37:00.0459 6252 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
15:37:00.0469 6252 SymNetS - ok
15:37:00.0609 6252 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
15:37:00.0609 6252 Synth3dVsc - ok
15:37:00.0859 6252 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:37:00.0879 6252 Tcpip - ok
15:37:00.0989 6252 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:37:00.0999 6252 TCPIP6 - ok
15:37:01.0089 6252 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:37:01.0089 6252 tcpipreg - ok
15:37:01.0219 6252 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:37:01.0219 6252 TDPIPE - ok
15:37:01.0309 6252 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:37:01.0309 6252 TDTCP - ok
15:37:01.0339 6252 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:37:01.0339 6252 tdx - ok
15:37:01.0359 6252 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:37:01.0359 6252 TermDD - ok
15:37:01.0419 6252 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
15:37:01.0449 6252 terminpt - ok
15:37:01.0529 6252 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:37:01.0529 6252 tssecsrv - ok
15:37:01.0559 6252 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:37:01.0569 6252 TsUsbFlt - ok
15:37:01.0659 6252 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:37:01.0659 6252 TsUsbGD - ok
15:37:01.0750 6252 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
15:37:01.0750 6252 tsusbhub - ok
15:37:01.0760 6252 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:37:01.0770 6252 tunnel - ok
15:37:01.0770 6252 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:37:01.0780 6252 uagp35 - ok
15:37:01.0800 6252 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:37:01.0800 6252 udfs - ok
15:37:01.0840 6252 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:37:01.0850 6252 uliagpkx - ok
15:37:01.0930 6252 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:37:01.0930 6252 umbus - ok
15:37:01.0990 6252 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:37:01.0990 6252 UmPass - ok
15:37:02.0070 6252 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:37:02.0070 6252 USBAAPL64 - ok
15:37:02.0140 6252 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:37:02.0150 6252 usbaudio - ok
15:37:02.0210 6252 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:37:02.0210 6252 usbccgp - ok
15:37:02.0240 6252 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:37:02.0240 6252 usbcir - ok
15:37:02.0320 6252 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:37:02.0320 6252 usbehci - ok
15:37:02.0450 6252 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:37:02.0460 6252 usbhub - ok
15:37:02.0490 6252 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:37:02.0500 6252 usbohci - ok
15:37:02.0540 6252 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
15:37:02.0540 6252 usbprint - ok
15:37:02.0590 6252 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:37:02.0590 6252 USBSTOR - ok
15:37:02.0650 6252 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:37:02.0650 6252 usbuhci - ok
15:37:02.0670 6252 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:37:02.0680 6252 vdrvroot - ok
15:37:02.0690 6252 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:37:02.0690 6252 vga - ok
15:37:02.0760 6252 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:37:02.0760 6252 VgaSave - ok
15:37:02.0780 6252 VGPU - ok
15:37:02.0810 6252 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:37:02.0810 6252 vhdmp - ok
15:37:02.0900 6252 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:37:02.0900 6252 viaide - ok
15:37:03.0030 6252 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:37:03.0030 6252 vmbus - ok
15:37:03.0050 6252 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:37:03.0060 6252 VMBusHID - ok
15:37:03.0120 6252 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:37:03.0120 6252 volmgr - ok
15:37:03.0150 6252 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:37:03.0150 6252 volmgrx - ok
15:37:03.0170 6252 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:37:03.0180 6252 volsnap - ok
15:37:03.0210 6252 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:37:03.0210 6252 vsmraid - ok
15:37:03.0270 6252 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:37:03.0300 6252 vwifibus - ok
15:37:03.0400 6252 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:37:03.0400 6252 vwififlt - ok
15:37:03.0430 6252 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:37:03.0430 6252 WacomPen - ok
15:37:03.0490 6252 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:37:03.0490 6252 WANARP - ok
15:37:03.0490 6252 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:37:03.0500 6252 Wanarpv6 - ok
15:37:03.0540 6252 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:37:03.0540 6252 Wd - ok
15:37:03.0610 6252 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
15:37:03.0610 6252 WDC_SAM - ok
15:37:03.0630 6252 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:37:03.0640 6252 Wdf01000 - ok
15:37:03.0880 6252 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:37:03.0890 6252 WfpLwf - ok
15:37:03.0910 6252 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:37:03.0910 6252 WIMMount - ok
15:37:04.0020 6252 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:37:04.0020 6252 WinUsb - ok
15:37:04.0060 6252 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:37:04.0060 6252 WmiAcpi - ok
15:37:04.0100 6252 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:37:04.0100 6252 ws2ifsl - ok
15:37:04.0120 6252 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:37:04.0130 6252 WudfPf - ok
15:37:04.0140 6252 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:37:04.0150 6252 WUDFRd - ok
15:37:04.0190 6252 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
15:37:04.0220 6252 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
15:37:04.0220 6252 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
15:37:04.0240 6252 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:37:04.0240 6252 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:37:04.0250 6252 Boot (0x1200) (de50083bb0a0fd907cf99375837ab4fa) \Device\Harddisk0\DR0\Partition0
15:37:04.0250 6252 \Device\Harddisk0\DR0\Partition0 - ok
15:37:04.0250 6252 ============================================================
15:37:04.0250 6252 Scan finished
15:37:04.0250 6252 ============================================================
15:37:04.0270 2020 Detected object count: 2
15:37:04.0270 2020 Actual detected object count: 2
15:37:25.0461 2020 \Device\Harddisk0\DR0\# - copied to quarantine
15:37:25.0461 2020 \Device\Harddisk0\DR0 - copied to quarantine
15:37:25.0491 2020 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
15:37:25.0521 2020 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
15:37:25.0531 2020 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
15:37:25.0531 2020 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
15:37:25.0531 2020 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
15:37:25.0541 2020 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
15:37:25.0541 2020 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
15:37:25.0541 2020 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
15:37:25.0541 2020 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
15:37:25.0551 2020 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
15:37:25.0551 2020 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
15:37:25.0551 2020 \Device\Harddisk0\DR0\TDLFS\spr.dll - copied to quarantine
15:37:25.0561 2020 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
15:37:25.0591 2020 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
15:37:25.0601 2020 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
15:37:25.0601 2020 \Device\Harddisk0\DR0 - ok
15:37:25.0671 2020 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
15:37:25.0671 2020 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:37:25.0671 2020 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#9 narenxp

Posted 22 February 2012 - 04:50 PM

Restart the PC

Run TDSSKiller once again, select DELETE for TDSS File System

Post the new log

Run aswmbr and post the log

#10 iyaayashua

Posted 22 February 2012 - 05:09 PM

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-22 15:43:10
-----------------------------
15:43:10.011 OS Version: Windows x64 6.1.7601 Service Pack 1
15:43:10.011 Number of processors: 2 586 0x6B02
15:43:10.021 ComputerName: JOHNNYROCKET-PC UserName: Johnny Rocket
15:43:10.951 Initialze error C000010E - driver not loaded
15:43:16.791 AVAST engine defs: 12022200
15:43:22.902 Service scanning
15:44:09.800 Modules scanning
15:44:09.800 Disk 0 trace - called modules:
15:44:09.800
15:44:10.821 AVAST engine scan C:\Windows
15:44:14.911 AVAST engine scan C:\Windows\system32
15:48:44.566 AVAST engine scan C:\Windows\system32\drivers
15:49:08.790 AVAST engine scan C:\Users\Johnny Rocket
16:02:56.429 AVAST engine scan C:\ProgramData
16:03:14.323 File: C:\ProgramData\Microsoft\Windows\DRM\6B3.tmp **INFECTED** Win32:Malware-gen
16:03:14.390 File: C:\ProgramData\Microsoft\Windows\DRM\6C4.tmp **INFECTED** Win32:Malware-gen
16:04:20.384 Scan finished successfully
16:05:16.073 The log file has been saved successfully to "C:\Users\Johnny Rocket\Documents\aswMBR.txt"


Sorry it took so long to respond. Malwarebytes ended up finishing and found 2 viruses, which I fixed with a reboot. Everything seems to be fine except I am still having issues with Firefox redirecting me to weird websites that are completely random. They look like the sites that you end up at if you mistype Google or something. TDSSKiller is also asking me to reboot, but I am going to wait till you say to 'cause I don't wanna mess anything up. Thanks again.

#11 narenxp

Posted 22 February 2012 - 05:17 PM

TDSSKiller is also asking me to reboot, but I am going to wait till you say to 'cause I don't wanna mess anything up. Thanks again.

Restart the PC and run aswmbr again

Post the TDSSKiller and aswMBR logs again (new logs)

#12 iyaayashua

Posted 22 February 2012 - 05:50 PM

On my reboot I am still getting a message about Windows Malicious Removal Software. Also, during my TDSS scan, Malwarebytes has detected a malicious process attempting to start and has blocked the execution attempt. C:\WINDOWS\SVCHOST.EXE TROJAN.AGENT. Select option: "Disable protection", "Ignore", "Quarantine". I haven't clicked an option yet.

16:24:44.0103 4420 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
16:24:44.0836 4420 ============================================================
16:24:44.0836 4420 Current date / time: 2012/02/22 16:24:44.0836
16:24:44.0836 4420 SystemInfo:
16:24:44.0836 4420
16:24:44.0836 4420 OS Version: 6.1.7601 ServicePack: 1.0
16:24:44.0836 4420 Product type: Workstation
16:24:44.0836 4420 ComputerName: JOHNNYROCKET-PC
16:24:44.0836 4420 UserName: Johnny Rocket
16:24:44.0836 4420 Windows directory: C:\Windows
16:24:44.0836 4420 System windows directory: C:\Windows
16:24:44.0836 4420 Running under WOW64
16:24:44.0836 4420 Processor architecture: Intel x64
16:24:44.0836 4420 Number of processors: 2
16:24:44.0836 4420 Page size: 0x1000
16:24:44.0836 4420 Boot type: Normal boot
16:24:44.0836 4420 ============================================================
16:24:47.0613 4420 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:24:47.0675 4420 \Device\Harddisk0\DR0:
16:24:47.0691 4420 MBR used
16:24:47.0691 4420 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
16:24:47.0769 4420 Initialize success
16:24:47.0769 4420 ============================================================
16:25:07.0815 1636 ============================================================
16:25:07.0815 1636 Scan started
16:25:07.0815 1636 Mode: Manual;
16:25:07.0815 1636 ============================================================
16:25:40.0334 1636 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:25:40.0334 1636 MSPQM - ok
16:25:40.0380 1636 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:25:40.0380 1636 MsRPC - ok
16:25:40.0412 1636 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:25:40.0412 1636 mssmbios - ok
16:25:40.0427 1636 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:25:40.0427 1636 MSTEE - ok
16:25:40.0458 1636 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:25:40.0474 1636 MTConfig - ok
16:25:40.0521 1636 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
16:25:40.0552 1636 MTsensor - ok
16:25:40.0646 1636 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:25:40.0646 1636 Mup - ok
16:25:41.0036 1636 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:25:41.0051 1636 NativeWifiP - ok
16:25:41.0426 1636 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120222.001\ENG64.SYS
16:25:41.0426 1636 NAVENG - ok
16:25:41.0862 1636 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120222.001\EX64.SYS
16:25:41.0878 1636 NAVEX15 - ok
16:25:42.0393 1636 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:25:42.0393 1636 NDIS - ok
16:25:42.0736 1636 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:25:42.0752 1636 NdisCap - ok
16:25:42.0892 1636 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:25:42.0892 1636 NdisTapi - ok
16:25:43.0110 1636 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:25:43.0110 1636 Ndisuio - ok
16:25:43.0313 1636 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:25:43.0313 1636 NdisWan - ok
16:25:43.0500 1636 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:25:43.0500 1636 NDProxy - ok
16:25:43.0532 1636 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:25:43.0547 1636 NetBIOS - ok
16:25:44.0000 1636 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:25:44.0031 1636 NetBT - ok
16:25:44.0343 1636 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:25:44.0358 1636 nfrd960 - ok
16:25:44.0390 1636 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:25:44.0405 1636 Npfs - ok
16:25:44.0468 1636 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:25:44.0483 1636 nsiproxy - ok
16:25:44.0967 1636 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:25:45.0045 1636 Ntfs - ok
16:25:45.0591 1636 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:25:45.0622 1636 Null - ok
16:25:45.0840 1636 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:25:45.0965 1636 nvraid - ok
16:25:46.0433 1636 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:25:46.0449 1636 nvstor - ok
16:25:46.0589 1636 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:25:46.0605 1636 nv_agp - ok
16:25:47.0088 1636 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:25:47.0088 1636 ohci1394 - ok
16:25:47.0369 1636 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:25:47.0385 1636 Parport - ok
16:25:47.0525 1636 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:25:47.0525 1636 partmgr - ok
16:25:48.0024 1636 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:25:48.0024 1636 pci - ok
16:25:48.0212 1636 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:25:48.0212 1636 pciide - ok
16:25:48.0274 1636 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:25:48.0274 1636 pcmcia - ok
16:25:48.0305 1636 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:25:48.0305 1636 pcw - ok
16:25:48.0524 1636 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:25:48.0524 1636 PEAUTH - ok
16:25:48.0726 1636 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:25:48.0726 1636 PptpMiniport - ok
16:25:48.0773 1636 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:25:48.0773 1636 Processor - ok
16:25:49.0054 1636 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:25:49.0070 1636 Psched - ok
16:25:49.0257 1636 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:25:49.0319 1636 ql2300 - ok
16:25:49.0522 1636 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:25:49.0522 1636 ql40xx - ok
16:25:49.0631 1636 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:25:49.0647 1636 QWAVEdrv - ok
16:25:49.0678 1636 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:25:49.0694 1636 RasAcd - ok
16:25:49.0865 1636 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:25:49.0896 1636 RasAgileVpn - ok
16:25:50.0037 1636 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:25:50.0037 1636 Rasl2tp - ok
16:25:50.0162 1636 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:25:50.0162 1636 RasPppoe - ok
16:25:50.0302 1636 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:25:50.0302 1636 RasSstp - ok
16:25:50.0598 1636 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:25:50.0598 1636 rdbss - ok
16:25:50.0739 1636 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:25:50.0770 1636 rdpbus - ok
16:25:50.0926 1636 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:25:50.0926 1636 RDPCDD - ok
16:25:51.0129 1636 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
16:25:51.0144 1636 RDPDR - ok
16:25:51.0347 1636 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:25:51.0363 1636 RDPENCDD - ok
16:25:51.0519 1636 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:25:51.0519 1636 RDPREFMP - ok
16:25:51.0597 1636 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
16:25:51.0597 1636 RdpVideoMiniport - ok
16:25:51.0659 1636 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
16:25:51.0675 1636 RDPWD - ok
16:25:51.0753 1636 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:25:51.0768 1636 rdyboost - ok
16:25:52.0096 1636 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:25:52.0096 1636 rspndr - ok
16:25:52.0174 1636 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:25:52.0174 1636 RTL8167 - ok
16:25:52.0314 1636 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
16:25:52.0314 1636 s3cap - ok
16:25:52.0689 1636 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:25:52.0689 1636 sbp2port - ok
16:25:52.0923 1636 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:25:52.0923 1636 scfilter - ok
16:25:53.0157 1636 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:25:53.0157 1636 secdrv - ok
16:25:53.0438 1636 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:25:53.0438 1636 Serenum - ok
16:25:53.0796 1636 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:25:53.0796 1636 Serial - ok
16:25:53.0906 1636 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:25:53.0921 1636 sermouse - ok
16:25:53.0968 1636 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:25:53.0968 1636 sffdisk - ok
16:25:53.0984 1636 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:25:53.0984 1636 sffp_mmc - ok
16:25:54.0296 1636 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:25:54.0296 1636 sffp_sd - ok
16:25:54.0342 1636 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:25:54.0342 1636 sfloppy - ok
16:25:54.0467 1636 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:25:54.0467 1636 SiSRaid2 - ok
16:25:54.0561 1636 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:25:54.0561 1636 SiSRaid4 - ok
16:25:54.0717 1636 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:25:54.0717 1636 Smb - ok
16:25:54.0779 1636 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:25:54.0779 1636 spldr - ok
16:25:55.0185 1636 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
16:25:55.0185 1636 SRTSP - ok
16:25:55.0497 1636 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
16:25:55.0497 1636 SRTSPX - ok
16:25:55.0731 1636 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:25:55.0762 1636 srv - ok
16:25:55.0965 1636 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:25:55.0965 1636 srv2 - ok
16:25:56.0012 1636 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:25:56.0012 1636 srvnet - ok
16:25:56.0183 1636 SSMO3v2Filter (d1e083d50f354a1840c9df1c62437bc9) C:\Windows\system32\drivers\MO3v2Driver.sys
16:25:56.0183 1636 SSMO3v2Filter - ok
16:25:56.0417 1636 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:25:56.0464 1636 stexstor - ok
16:25:56.0620 1636 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
16:25:56.0620 1636 storflt - ok
16:25:56.0729 1636 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
16:25:56.0729 1636 storvsc - ok
16:25:56.0916 1636 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:25:56.0916 1636 swenum - ok
16:25:57.0182 1636 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
16:25:57.0213 1636 SymDS - ok
16:25:57.0556 1636 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
16:25:57.0572 1636 SymEFA - ok
16:25:57.0930 1636 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:25:57.0930 1636 SymEvent - ok
16:25:58.0414 1636 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
16:25:58.0414 1636 SymIRON - ok
16:25:58.0586 1636 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
16:25:58.0586 1636 SymNetS - ok
16:25:58.0679 1636 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
16:25:58.0679 1636 Synth3dVsc - ok
16:25:59.0038 1636 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:25:59.0069 1636 Tcpip - ok
16:25:59.0350 1636 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:25:59.0366 1636 TCPIP6 - ok
16:25:59.0584 1636 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:25:59.0584 1636 tcpipreg - ok
16:25:59.0615 1636 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:25:59.0615 1636 TDPIPE - ok
16:25:59.0662 1636 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:25:59.0662 1636 TDTCP - ok
16:25:59.0693 1636 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:25:59.0709 1636 tdx - ok
16:25:59.0740 1636 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:25:59.0740 1636 TermDD - ok
16:25:59.0818 1636 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
16:25:59.0849 1636 terminpt - ok
16:25:59.0927 1636 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:25:59.0927 1636 tssecsrv - ok
16:25:59.0958 1636 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:25:59.0958 1636 TsUsbFlt - ok
16:25:59.0990 1636 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:25:59.0990 1636 TsUsbGD - ok
16:26:00.0068 1636 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
16:26:00.0114 1636 tsusbhub - ok
16:26:00.0364 1636 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:26:00.0380 1636 tunnel - ok
16:26:00.0551 1636 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:26:00.0551 1636 uagp35 - ok
16:26:00.0582 1636 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:26:00.0598 1636 udfs - ok
16:26:00.0660 1636 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:26:00.0676 1636 uliagpkx - ok
16:26:00.0957 1636 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:26:00.0957 1636 umbus - ok
16:26:00.0988 1636 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:26:00.0988 1636 UmPass - ok
16:26:01.0097 1636 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:26:01.0097 1636 USBAAPL64 - ok
16:26:01.0581 1636 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:26:01.0596 1636 usbaudio - ok
16:26:02.0080 1636 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:26:02.0080 1636 usbccgp - ok
16:26:02.0283 1636 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:26:02.0298 1636 usbcir - ok
16:26:02.0392 1636 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:26:02.0423 1636 usbehci - ok
16:26:02.0517 1636 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:26:02.0532 1636 usbhub - ok
16:26:03.0016 1636 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:26:03.0047 1636 usbohci - ok
16:26:03.0359 1636 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:26:03.0453 1636 usbprint - ok
16:26:03.0609 1636 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:26:03.0624 1636 USBSTOR - ok
16:26:03.0905 1636 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:26:03.0968 1636 usbuhci - ok
16:26:04.0108 1636 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:26:04.0108 1636 vdrvroot - ok
16:26:04.0514 1636 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:26:04.0514 1636 vga - ok
16:26:04.0685 1636 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:26:04.0685 1636 VgaSave - ok
16:26:04.0716 1636 VGPU - ok
16:26:04.0732 1636 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:26:04.0748 1636 vhdmp - ok
16:26:04.0779 1636 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:26:04.0779 1636 viaide - ok
16:26:04.0904 1636 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
16:26:04.0904 1636 vmbus - ok
16:26:04.0919 1636 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
16:26:04.0950 1636 VMBusHID - ok
16:26:05.0028 1636 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:26:05.0028 1636 volmgr - ok
16:26:05.0153 1636 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:26:05.0200 1636 volmgrx - ok
16:26:06.0292 1636 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:26:06.0292 1636 volsnap - ok
16:26:06.0417 1636 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:26:06.0417 1636 vsmraid - ok
16:26:06.0464 1636 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:26:06.0464 1636 vwifibus - ok
16:26:06.0604 1636 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:26:06.0604 1636 vwififlt - ok
16:26:06.0635 1636 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:26:06.0635 1636 WacomPen - ok
16:26:06.0698 1636 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:26:06.0698 1636 WANARP - ok
16:26:06.0698 1636 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:26:06.0698 1636 Wanarpv6 - ok
16:26:06.0869 1636 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:26:06.0869 1636 Wd - ok
16:26:06.0932 1636 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
16:26:06.0947 1636 WDC_SAM - ok
16:26:06.0994 1636 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:26:07.0010 1636 Wdf01000 - ok
16:26:07.0244 1636 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:26:07.0275 1636 WfpLwf - ok
16:26:07.0384 1636 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:26:07.0384 1636 WIMMount - ok
16:26:07.0743 1636 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:26:07.0743 1636 WinUsb - ok
16:26:07.0899 1636 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:26:07.0914 1636 WmiAcpi - ok
16:26:08.0398 1636 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:26:08.0398 1636 ws2ifsl - ok
16:26:08.0663 1636 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:26:08.0679 1636 WudfPf - ok
16:26:08.0710 1636 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:26:08.0710 1636 WUDFRd - ok
16:26:08.0804 1636 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:26:08.0835 1636 \Device\Harddisk0\DR0 - ok
16:26:08.0835 1636 Boot (0x1200) (de50083bb0a0fd907cf99375837ab4fa) \Device\Harddisk0\DR0\Partition0
16:26:08.0835 1636 \Device\Harddisk0\DR0\Partition0 - ok
16:26:08.0835 1636 ============================================================
16:26:08.0835 1636 Scan finished
16:26:08.0835 1636 ============================================================
16:26:08.0850 2772 Detected object count: 0
16:26:08.0850 2772 Actual detected object count: 0

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-22 16:29:01
-----------------------------
16:29:01.047 OS Version: Windows x64 6.1.7601 Service Pack 1
16:29:01.047 Number of processors: 2 586 0x6B02
16:29:01.047 ComputerName: JOHNNYROCKET-PC UserName: Johnny Rocket
16:29:02.967 Initialize success
16:29:11.890 AVAST engine defs: 12022200
16:29:20.502 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-7
16:29:20.502 Disk 0 Vendor: Hitachi_HDP725032GLA360 GM3OA52A Size: 305245MB BusType: 3
16:29:20.517 Disk 0 MBR read successfully
16:29:20.517 Disk 0 MBR scan
16:29:20.517 Disk 0 Windows 7 default MBR code
16:29:20.533 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
16:29:20.548 Disk 0 scanning C:\Windows\system32\drivers
16:29:32.919 Service scanning
16:30:11.654 Modules scanning
16:30:11.654 Disk 0 trace - called modules:
16:30:11.670 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:30:11.670 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800490b3c0]
16:30:11.670 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8003a14580]
16:30:11.670 5 ACPI.sys[fffff88000edf7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-7[0xfffffa80046a7060]
16:30:12.637 AVAST engine scan C:\Windows
16:30:15.991 AVAST engine scan C:\Windows\system32
16:34:30.776 AVAST engine scan C:\Windows\system32\drivers
16:34:52.477 AVAST engine scan C:\Users\Johnny Rocket
16:48:11.772 AVAST engine scan C:\ProgramData
16:48:27.935 File: C:\ProgramData\Microsoft\Windows\DRM\6B3.tmp **INFECTED** Win32:Malware-gen
16:48:27.966 File: C:\ProgramData\Microsoft\Windows\DRM\6C4.tmp **INFECTED** Win32:Malware-gen
16:49:34.565 Scan finished successfully
16:50:00.118 Disk 0 MBR has been saved successfully to "C:\Users\Johnny Rocket\Documents\MBR.dat"
16:50:00.118 The log file has been saved successfully to "C:\Users\Johnny Rocket\Documents\aswMBR2.txt"

#13 narenxp

Posted 22 February 2012 - 06:03 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#14 iyaayashua

Posted 22 February 2012 - 06:23 PM

On the Malwarebytes... do you want me to run it and reboot if it finds something... then run it again after reboot and repeat until I get a clean log?

#15 narenxp

Posted 22 February 2012 - 06:56 PM

No need, if any infections reoccur on each scan, reboot and scan again

Good luck



