winrscmde stopped working and more


3 replies to this topic

#1 saasha17


Posted 28 February 2012 - 02:24 PM

I get this error pop-up, and if I close it and do not minimise it, it keeps popping up: "winrscmde stopped working"

and also I get others for RealPlayer, etc. etc. that say "------ stopped working", so if my laptop stays on, it keeps showing these pop-ups, and then sometimes it shuts down and restarts and then boots and comes to the desktop screen and then restarts again...

Please help!!


Thank you

Edited by Orange Blossom, 29 February 2012 - 05:19 AM.
Moved to AII from Vista. ~ OB



 


#2 narenxp


Posted 29 February 2012 - 07:43 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with GMER's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 saasha17


Posted 01 March 2012 - 10:04 PM

tdskill

19:40:45.0589 6904 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
19:40:45.0930 6904 ============================================================
19:40:45.0930 6904 Current date / time: 2012/03/01 19:40:45.0930
19:40:45.0930 6904 SystemInfo:
19:40:45.0930 6904
19:40:45.0930 6904 OS Version: 6.0.6002 ServicePack: 2.0
19:40:45.0930 6904 Product type: Workstation
19:40:45.0930 6904 ComputerName: MANASA-PC
19:40:45.0931 6904 UserName: manasa
19:40:45.0931 6904 Windows directory: C:\Windows
19:40:45.0931 6904 System windows directory: C:\Windows
19:40:45.0931 6904 Running under WOW64
19:40:45.0931 6904 Processor architecture: Intel x64
19:40:45.0931 6904 Number of processors: 2
19:40:45.0931 6904 Page size: 0x1000
19:40:45.0931 6904 Boot type: Normal boot
19:40:45.0931 6904 ============================================================
19:40:49.0510 6904 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:49.0523 6904 \Device\Harddisk0\DR0:
19:40:49.0523 6904 MBR used
19:40:49.0523 6904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1496000, BlocksNum 0x1BD2F000
19:40:49.0569 6904 Initialize success
19:40:49.0569 6904 ============================================================
19:41:02.0652 3364 ============================================================
19:41:02.0653 3364 Scan started
19:41:02.0653 3364 Mode: Manual; TDLFS;
19:41:02.0653 3364 ============================================================
19:41:25.0916 3364 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:41:25.0928 3364 srv - ok
19:41:26.0061 3364 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:41:26.0065 3364 srv2 - ok
19:41:26.0113 3364 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:41:26.0117 3364 srvnet - ok
19:41:26.0204 3364 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:41:26.0207 3364 swenum - ok
19:41:26.0335 3364 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:41:26.0338 3364 Symc8xx - ok
19:41:26.0371 3364 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:41:26.0373 3364 Sym_hi - ok
19:41:26.0447 3364 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:41:26.0450 3364 Sym_u3 - ok
19:41:26.0540 3364 SynTP (5bfcf934891022e15404befe0f5ece9f) C:\Windows\system32\DRIVERS\SynTP.sys
19:41:26.0548 3364 SynTP - ok
19:41:26.0797 3364 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
19:41:26.0855 3364 Tcpip - ok
19:41:27.0019 3364 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
19:41:27.0036 3364 Tcpip6 - ok
19:41:27.0146 3364 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
19:41:27.0149 3364 tcpipreg - ok
19:41:27.0235 3364 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:41:27.0241 3364 TDPIPE - ok
19:41:27.0352 3364 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:41:27.0355 3364 TDTCP - ok
19:41:27.0413 3364 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:41:27.0417 3364 tdx - ok
19:41:27.0456 3364 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:41:27.0460 3364 TermDD - ok
19:41:27.0692 3364 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:27.0695 3364 tssecsrv - ok
19:41:27.0753 3364 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:41:27.0756 3364 tunmp - ok
19:41:27.0800 3364 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:41:27.0803 3364 tunnel - ok
19:41:27.0932 3364 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:41:27.0936 3364 uagp35 - ok
19:41:28.0009 3364 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:41:28.0020 3364 udfs - ok
19:41:28.0173 3364 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:41:28.0177 3364 uliagpkx - ok
19:41:28.0281 3364 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:41:28.0290 3364 uliahci - ok
19:41:28.0395 3364 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:41:28.0401 3364 UlSata - ok
19:41:28.0469 3364 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:41:28.0475 3364 ulsata2 - ok
19:41:28.0501 3364 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:41:28.0507 3364 umbus - ok
19:41:28.0632 3364 usb6xxxk - ok
19:41:28.0706 3364 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:41:28.0710 3364 USBAAPL64 - ok
19:41:28.0757 3364 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
19:41:28.0767 3364 usbaudio - ok
19:41:28.0852 3364 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:28.0861 3364 usbccgp - ok
19:41:28.0925 3364 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
19:41:28.0930 3364 usbcir - ok
19:41:29.0020 3364 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:41:29.0022 3364 usbehci - ok
19:41:29.0086 3364 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:41:29.0095 3364 usbhub - ok
19:41:29.0187 3364 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
19:41:29.0190 3364 usbohci - ok
19:41:29.0249 3364 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
19:41:29.0252 3364 usbprint - ok
19:41:29.0344 3364 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:41:29.0363 3364 USBSTOR - ok
19:41:29.0451 3364 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:41:29.0454 3364 usbuhci - ok
19:41:29.0523 3364 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
19:41:29.0530 3364 usbvideo - ok
19:41:29.0721 3364 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:29.0725 3364 vga - ok
19:41:29.0791 3364 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:41:29.0794 3364 VgaSave - ok
19:41:29.0893 3364 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:41:29.0915 3364 viaide - ok
19:41:30.0025 3364 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
19:41:30.0027 3364 volmgr - ok
19:41:30.0085 3364 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
19:41:30.0097 3364 volmgrx - ok
19:41:30.0191 3364 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
19:41:30.0199 3364 volsnap - ok
19:41:30.0302 3364 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
19:41:30.0308 3364 vsmraid - ok
19:41:30.0476 3364 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
19:41:30.0479 3364 WacomPen - ok
19:41:30.0532 3364 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:30.0537 3364 Wanarp - ok
19:41:30.0581 3364 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:30.0583 3364 Wanarpv6 - ok
19:41:30.0704 3364 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
19:41:30.0707 3364 Wd - ok
19:41:30.0763 3364 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
19:41:30.0766 3364 WDC_SAM - ok
19:41:30.0922 3364 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
19:41:30.0948 3364 Wdf01000 - ok
19:41:31.0183 3364 winachsf (b5c348b265178fb9ee55addb3929485d) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:41:31.0206 3364 winachsf - ok
19:41:31.0447 3364 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
19:41:31.0450 3364 WmiAcpi - ok
19:41:31.0627 3364 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
19:41:31.0631 3364 WpdUsb - ok
19:41:31.0713 3364 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
19:41:31.0716 3364 ws2ifsl - ok
19:41:31.0862 3364 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:41:31.0867 3364 WUDFRd - ok
19:41:32.0005 3364 yukonx64 (be950bff950ae6b22a9ee80bce55cc3a) C:\Windows\system32\DRIVERS\yk60x64.sys
19:41:32.0016 3364 yukonx64 - ok
19:41:32.0070 3364 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0
19:41:32.0101 3364 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:41:32.0101 3364 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:41:32.0164 3364 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:41:32.0164 3364 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:41:32.0199 3364 Boot (0x1200) (f19ce2c8c2fecf1fee6cc20b2d3e2446) \Device\Harddisk0\DR0\Partition0
19:41:32.0202 3364 \Device\Harddisk0\DR0\Partition0 - ok
19:41:32.0202 3364 ============================================================
19:41:32.0202 3364 Scan finished
19:41:32.0202 3364 ============================================================
19:41:32.0222 5564 Detected object count: 2
19:41:32.0222 5564 Actual detected object count: 2
19:41:50.0070 5564 \Device\Harddisk0\DR0\# - copied to quarantine
19:41:50.0071 5564 \Device\Harddisk0\DR0 - copied to quarantine
19:41:50.0159 5564 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:41:50.0163 5564 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:41:50.0190 5564 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:41:50.0208 5564 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:41:50.0210 5564 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:41:50.0212 5564 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:41:50.0215 5564 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:41:50.0220 5564 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:41:50.0225 5564 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:41:50.0228 5564 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:41:50.0229 5564 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Quarantine
19:41:50.0253 5564 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:41:50.0257 5564 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:41:50.0278 5564 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:41:50.0292 5564 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:41:50.0294 5564 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:41:50.0296 5564 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:41:50.0298 5564 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:41:50.0302 5564 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:41:50.0306 5564 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:41:50.0309 5564 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:41:50.0309 5564 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
19:42:27.0085 3356 Deinitialize success


GMER

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-01 20:22:23
Windows 6.0.6002 Service Pack 2
Running: 6vdkz1yv.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00214fbd36a3
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\00214fbd36a3 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

aswMBR
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-01 21:33:31
-----------------------------
21:33:31.581 OS Version: Windows x64 6.0.6002 Service Pack 2
21:33:31.581 Number of processors: 2 586 0x170A
21:33:31.581 ComputerName: MANASA-PC UserName: manasa
21:33:35.352 Initialize success
21:33:43.126 AVAST engine defs: 12030101
21:33:47.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:33:47.917 Disk 0 Vendor: Hitachi_HTS543225L9SA00 FBEOC43C Size: 238475MB BusType: 3
21:33:47.921 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007c
21:33:47.926 Disk 1 Vendor: RICOH 02 Size: 238475MB BusType: 0
21:33:47.930 Device \Driver\atapi -> MajorFunction fffffa800632a5c4
21:33:47.935 Disk 0 MBR read successfully
21:33:47.940 Disk 0 MBR scan
21:33:47.947 Disk 0 MBR:Pihar-C [Rtk]
21:33:47.952 Disk 0 TDL4@MBR code has been found
21:33:47.958 Disk 0 Windows VISTA default MBR code found via API
21:33:47.963 Disk 0 MBR hidden
21:33:47.980 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10539 MB offset 2048
21:33:48.006 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 227934 MB offset 21585920
21:33:48.017 Disk 0 MBR [TDL4] **ROOTKIT**
21:33:48.026 Disk 0 trace - called modules:
21:33:48.035 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800632a5c4]<<hal.dll
21:33:48.044 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d80060]
21:33:48.051 3 CLASSPNP.SYS[fffffa60012fac33] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b6e940]
21:33:48.060 \Driver\atapi[0xfffffa80062b0e70] -> IRP_MJ_CREATE -> 0xfffffa800632a5c4
21:33:50.452 AVAST engine scan C:\Windows
21:33:58.840 AVAST engine scan C:\Windows\system32
21:39:24.776 AVAST engine scan C:\Windows\system32\drivers
21:39:49.188 AVAST engine scan C:\Users\manasa
22:04:04.524 Disk 0 MBR has been saved successfully to "C:\Users\manasa\MBR.dat"
22:04:04.542 The log file has been saved successfully to "C:\Users\manasa\aswMBR.txt"

#4 narenxp

Posted 02 March 2012 - 01:58 AM

Restart the PC, run TDSSkiller and aswMBR once again, and post the new logs.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.



