Avast, AVG and Malwarebytes crashes during scan


  • This topic is locked
20 replies to this topic

#1 el_mofo

Posted 04 March 2012 - 10:59 AM

Hi there all.

It seems like I have a virus or mal/spy/adware of some kind.

My Spybot Search and Destroy Teatime alerts me that a "Browser Helper Object" wants to change registry with no option to deny. This comes on boot.

I have tried scanning in safe mode and quick scan and lots of other things advised on lots of other forums including this one.

I have an okay level of computer knowledge but would greatly appreciate any advice/help/consolation/cake/hug.

Thanks in advance people :)

el mofo

btw, running Windows 7 home premium 64 bit with AMD 980 processor.

Edited by el_mofo, 04 March 2012 - 11:02 AM.


#2 narenxp

Posted 04 March 2012 - 11:18 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 el_mofo

Posted 04 March 2012 - 12:59 PM

First thank you very much for your help and your time, I do really appreciate this. :)

TDSSkiller results:


17:53:03.0830 6096 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:53:03.0831 6096 umbus - ok
17:53:03.0838 6096 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:53:03.0839 6096 UmPass - ok
17:53:03.0872 6096 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:53:03.0874 6096 usbccgp - ok
17:53:03.0906 6096 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:53:03.0910 6096 usbcir - ok
17:53:03.0951 6096 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:53:03.0954 6096 usbehci - ok
17:53:04.0000 6096 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
17:53:04.0003 6096 usbfilter - ok
17:53:04.0030 6096 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:53:04.0038 6096 usbhub - ok
17:53:04.0068 6096 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:53:04.0069 6096 usbohci - ok
17:53:04.0096 6096 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:53:04.0099 6096 usbprint - ok
17:53:04.0129 6096 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:53:04.0130 6096 USBSTOR - ok
17:53:04.0157 6096 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:53:04.0158 6096 usbuhci - ok
17:53:04.0178 6096 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:53:04.0179 6096 vdrvroot - ok
17:53:04.0200 6096 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:53:04.0201 6096 vga - ok
17:53:04.0226 6096 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:53:04.0227 6096 VgaSave - ok
17:53:04.0255 6096 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:53:04.0257 6096 vhdmp - ok
17:53:04.0273 6096 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:53:04.0274 6096 viaide - ok
17:53:04.0288 6096 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:53:04.0289 6096 volmgr - ok
17:53:04.0315 6096 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:53:04.0318 6096 volmgrx - ok
17:53:04.0335 6096 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:53:04.0337 6096 volsnap - ok
17:53:04.0360 6096 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:53:04.0362 6096 vsmraid - ok
17:53:04.0369 6096 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:53:04.0369 6096 vwifibus - ok
17:53:04.0385 6096 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:53:04.0385 6096 vwififlt - ok
17:53:04.0400 6096 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:53:04.0400 6096 vwifimp - ok
17:53:04.0416 6096 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:53:04.0416 6096 WacomPen - ok
17:53:04.0431 6096 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:53:04.0431 6096 WANARP - ok
17:53:04.0447 6096 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:53:04.0447 6096 Wanarpv6 - ok
17:53:04.0494 6096 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:53:04.0494 6096 Wd - ok
17:53:04.0525 6096 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:53:04.0541 6096 Wdf01000 - ok
17:53:04.0587 6096 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:53:04.0587 6096 WfpLwf - ok
17:53:04.0587 6096 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:53:04.0587 6096 WIMMount - ok
17:53:04.0603 6096 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:53:04.0619 6096 WmiAcpi - ok
17:53:04.0634 6096 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:53:04.0634 6096 ws2ifsl - ok
17:53:04.0650 6096 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:53:04.0665 6096 WudfPf - ok
17:53:04.0665 6096 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:53:04.0665 6096 WUDFRd - ok
17:53:04.0697 6096 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
17:53:04.0697 6096 xusb21 - ok
17:53:04.0821 6096 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
17:53:04.0821 6096 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
17:53:04.0853 6096 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:53:05.0000 6096 \Device\Harddisk0\DR0 - ok
17:53:05.0007 6096 Boot (0x1200) (712212f02a8b15c77338b8b2e0d6bf3e) \Device\Harddisk0\DR0\Partition0
17:53:05.0009 6096 \Device\Harddisk0\DR0\Partition0 - ok
17:53:05.0016 6096 Boot (0x1200) (c9e1b4c7146ab026a17a55b775f027c5) \Device\Harddisk0\DR0\Partition1
17:53:05.0017 6096 \Device\Harddisk0\DR0\Partition1 - ok
17:53:05.0018 6096 ============================================================
17:53:05.0018 6096 Scan finished
17:53:05.0018 6096 ============================================================
17:53:05.0027 6084 Detected object count: 0
17:53:05.0027 6084 Actual detected object count: 0

aswMBR results (There was no avast update but I already have the latest Avast program, not sure what that means):

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-04 17:53:32
-----------------------------
17:53:32.053 OS Version: Windows x64 6.1.7601 Service Pack 1
17:53:32.053 Number of processors: 4 586 0x403
17:53:32.053 ComputerName: S-PC UserName: s
17:53:33.432 Initialize success
17:53:33.582 AVAST engine defs: 12030400
17:54:03.196 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
17:54:03.203 Disk 0 Vendor: WDC_WD10 24.0 Size: 953869MB BusType: 11
17:54:03.226 Disk 0 MBR read successfully
17:54:03.228 Disk 0 MBR scan
17:54:03.231 Disk 0 Windows 7 default MBR code
17:54:03.234 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:54:03.236 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
17:54:03.257 Disk 0 scanning C:\Windows\system32\drivers
17:54:08.490 Service scanning
17:54:19.401 Modules scanning
17:54:19.408 Disk 0 trace - called modules:
17:54:19.425 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
17:54:19.429 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007df6060]
17:54:19.766 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8006e26040]
17:54:19.772 5 amd_xata.sys[fffff8800114c8f7] -> nt!IofCallDriver -> \Device\0000006d[0xfffffa8006cd4060]
17:54:21.070 AVAST engine scan C:\Windows
17:54:22.786 AVAST engine scan C:\Windows\system32
17:55:32.637 AVAST engine scan C:\Windows\system32\drivers
17:55:39.620 AVAST engine scan C:\Users\s
17:57:14.550 AVAST engine scan C:\ProgramData
17:58:30.494 Scan finished successfully
17:58:39.166 Disk 0 MBR has been saved successfully to "C:\Users\s\Documents\MBR.dat"
17:58:39.166 The log file has been saved successfully to "C:\Users\s\Documents\aswMBR.txt"

#4 el_mofo

Posted 04 March 2012 - 04:03 PM

Is it ok to carry on trying to fix this or should I wait for a response based on the posted logs?

#5 narenxp

Posted 05 March 2012 - 03:32 AM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot let me know what it finds


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan gets completed, click on LIST of found threats.

Export the list to desktop, copy the contents of the text file in your reply.

#6 el_mofo

Posted 05 March 2012 - 07:37 AM

FIXTDSS found nothing

ESET crashed once. Rebooted computer and ran again then stuck at 25% for almost an hour with the timer still going. Just as I was typing this it moved on, I was expecting to need to restart it. Could this long delay be the mal/spy/adware hiding itself?

It is now at 63% and has been for a while. I'll post results when done...

#7 el_mofo

Posted 05 March 2012 - 08:24 AM

ESET results:


C:\ProgramData\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\s\Downloads\cnet_SecurityTaskManager_Setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#8 narenxp

Posted 05 March 2012 - 08:49 AM

Can you run Malwarebytes in safe mode?

#9 el_mofo

Posted 05 March 2012 - 12:16 PM

I can run Avast and AVG in normal mode; they find nothing. The AVG rootkit scan finds 20+ rootkits; when I allow a restart to clear them and do another scan, it says they are still there. I will try Malwarebytes in normal mode now and post results.

#10 el_mofo

Posted 05 March 2012 - 12:27 PM

Running MBAM resulted in BSOD, I'll now try safe mode.

#11 el_mofo

Posted 05 March 2012 - 12:35 PM

Froze after 11 seconds while scanning C:\Config.Msi\49f07.rbf, which is the same file that took ages to be scanned by ESET earlier.

#12 el_mofo

Posted 05 March 2012 - 03:01 PM

I deleted the Config.msi folder and contents, and now all scans go ahead with no problems.

#13 narenxp

Posted 06 March 2012 - 01:53 AM

Please post the mbam log here

Do you still have crashes?

#14 el_mofo

Posted 07 March 2012 - 02:32 PM

No longer crashing, thank you so much for your help good sir, here's the log:


Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
s :: S-PC [administrator]

Protection: Enabled

07/03/2012 19:08:18
mbam-log-2012-03-07 (19-08-18).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 313695
Time elapsed: 22 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 narenxp

Posted 08 March 2012 - 05:39 AM

That looks good, do you still have crashes?



