MBR:\\.\PHYSICALDRIVE0\Partition 3 and Alureon.E


  • This topic is locked
7 replies to this topic

#1 Bradix

Posted 07 March 2012 - 05:55 PM

Avast has scanned and is not able to remove MBR:\\.\PHYSICALDRIVE0\Partition 3

Microsoft Security Essentials is unable to remove Trojan:DOS/Alureon.E


Any help to remove both of these, as well as any other possible threats, would be greatly appreciated!


#2 narenxp

Posted 08 March 2012 - 05:54 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 Bradix

Posted 08 March 2012 - 06:57 AM

06:42:29.0046 4000 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
06:42:29.0394 4000 ============================================================
06:42:29.0394 4000 Current date / time: 2012/03/08 06:42:29.0394
06:42:29.0394 4000 SystemInfo:
06:42:29.0394 4000
06:42:29.0394 4000 OS Version: 6.1.7601 ServicePack: 1.0
06:42:29.0394 4000 Product type: Workstation
06:42:29.0395 4000 ComputerName: KEB-656853
06:42:29.0395 4000 UserName: Kris
06:42:29.0395 4000 Windows directory: C:\Windows
06:42:29.0395 4000 System windows directory: C:\Windows
06:42:29.0395 4000 Running under WOW64
06:42:29.0395 4000 Processor architecture: Intel x64
06:42:29.0395 4000 Number of processors: 2
06:42:29.0395 4000 Page size: 0x1000
06:42:29.0395 4000 Boot type: Normal boot
06:42:29.0395 4000 ============================================================
06:42:30.0423 4000 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
06:42:30.0434 4000 \Device\Harddisk0\DR0:
06:42:30.0435 4000 MBR used
06:42:30.0435 4000 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:42:30.0435 4000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
06:42:30.0468 4000 Initialize success
06:42:30.0469 4000 ============================================================
06:43:07.0542 2844 ============================================================
06:43:07.0542 2844 Scan started
06:43:07.0542 2844 Mode: Manual; TDLFS;
06:43:07.0542 2844 ============================================================
06:43:16.0987 2844 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
06:43:16.0990 2844 VgaSave - ok
06:43:16.0999 2844 VGPU - ok
06:43:17.0037 2844 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
06:43:17.0041 2844 vhdmp - ok
06:43:17.0109 2844 VIAHdAudAddService (906a7c6b6659a650648cf21998270945) C:\Windows\system32\drivers\viahduaa.sys
06:43:17.0136 2844 VIAHdAudAddService - ok
06:43:17.0173 2844 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
06:43:17.0175 2844 viaide - ok
06:43:17.0209 2844 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
06:43:17.0214 2844 vmbus - ok
06:43:17.0245 2844 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
06:43:17.0247 2844 VMBusHID - ok
06:43:17.0268 2844 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
06:43:17.0271 2844 volmgr - ok
06:43:17.0310 2844 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
06:43:17.0317 2844 volmgrx - ok
06:43:17.0362 2844 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
06:43:17.0368 2844 volsnap - ok
06:43:17.0414 2844 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
06:43:17.0418 2844 vsmraid - ok
06:43:17.0442 2844 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
06:43:17.0444 2844 vwifibus - ok
06:43:17.0473 2844 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
06:43:17.0475 2844 WacomPen - ok
06:43:17.0509 2844 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
06:43:17.0512 2844 WANARP - ok
06:43:17.0518 2844 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
06:43:17.0520 2844 Wanarpv6 - ok
06:43:17.0572 2844 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
06:43:17.0574 2844 Wd - ok
06:43:17.0589 2844 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
06:43:17.0597 2844 Wdf01000 - ok
06:43:17.0645 2844 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
06:43:17.0647 2844 WfpLwf - ok
06:43:17.0666 2844 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
06:43:17.0668 2844 WIMMount - ok
06:43:17.0727 2844 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
06:43:17.0729 2844 WmiAcpi - ok
06:43:17.0755 2844 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
06:43:17.0756 2844 ws2ifsl - ok
06:43:17.0800 2844 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
06:43:17.0802 2844 WudfPf - ok
06:43:17.0825 2844 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
06:43:17.0971 2844 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
06:43:17.0971 2844 \Device\Harddisk0\DR0 - detected TDSS File System (1)
06:43:18.0007 2844 Boot (0x1200) (d6c65b4dfb4e2e29ce83d7cf59a662a2) \Device\Harddisk0\DR0\Partition0
06:43:18.0009 2844 \Device\Harddisk0\DR0\Partition0 - ok
06:43:18.0016 2844 Boot (0x1200) (5c946b4f131168751130991049ec05f9) \Device\Harddisk0\DR0\Partition1
06:43:18.0018 2844 \Device\Harddisk0\DR0\Partition1 - ok
06:43:18.0023 2844 ============================================================
06:43:18.0023 2844 Scan finished
06:43:18.0023 2844 ============================================================
06:43:18.0045 2308 Detected object count: 1
06:43:18.0045 2308 Actual detected object count: 1


GMER won't work according to your note of it not working with my 64 bit, so skipped it.

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-08 06:49:31
-----------------------------
06:49:31.848 OS Version: Windows x64 6.1.7601 Service Pack 1
06:49:31.848 Number of processors: 2 586 0x602
06:49:31.849 ComputerName: KEB-656853 UserName: Kris
06:49:34.440 Initialize success
06:49:34.752 AVAST engine defs: 12030800
06:49:54.423 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-7
06:49:54.428 Disk 0 Vendor: WDC_WD5000AAKX-001CA0 15.01H15 Size: 476940MB BusType: 3
06:49:54.450 Disk 0 MBR read successfully
06:49:54.456 Disk 0 MBR scan
06:49:54.463 Disk 0 Windows 7 default MBR code
06:49:54.470 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 100 MB offset 2048
06:49:54.484 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 476838 MB offset 206848
06:49:54.517 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 976771072
06:49:54.523 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk]
06:49:54.559 Disk 0 scanning C:\Windows\system32\drivers
06:50:01.055 Service scanning
06:50:06.962 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
06:50:15.360 Modules scanning
06:50:15.379 Disk 0 trace - called modules:
06:50:15.398 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
06:50:15.409 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a6d610]
06:50:15.417 3 CLASSPNP.SYS[fffff880019aa43f] -> nt!IofCallDriver -> [0xfffffa8004875520]
06:50:15.424 5 ACPI.sys[fffff88000fa27a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-7[0xfffffa800486c680]
06:50:17.138 AVAST engine scan C:\Windows
06:50:21.998 AVAST engine scan C:\Windows\system32
06:53:06.669 AVAST engine scan C:\Windows\system32\drivers
06:53:25.727 AVAST engine scan C:\Users\Kris
06:55:14.822 Disk 0 MBR has been saved successfully to "C:\Users\Kris\Documents\MBR.dat"
06:55:14.887 The log file has been saved successfully to "C:\Users\Kris\Documents\aswMBR.txt"

#4 narenxp


Posted 08 March 2012 - 07:10 AM

TDSSKiller log is incomplete.

Restart the PC.

Run TDSSKiller and aswMBR again and post the new logs.

#5 Bradix


Posted 08 March 2012 - 03:54 PM

Sorry for the long delay, I had to go to work and just got back... Also, I went to reboot the computer and it will not reboot back normally and just hangs at a black screen with just the mouse icon, so I had to go into safe mode with networking for these logs.

15:43:09.0358 0972 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
15:43:09.0966 0972 ============================================================
15:43:09.0966 0972 Current date / time: 2012/03/08 15:43:09.0966
15:43:09.0966 0972 SystemInfo:
15:43:09.0966 0972
15:43:09.0966 0972 OS Version: 6.1.7601 ServicePack: 1.0
15:43:09.0966 0972 Product type: Workstation
15:43:09.0982 0972 ComputerName: KEB-656853
15:43:09.0982 0972 UserName: Kris
15:43:09.0982 0972 Windows directory: C:\Windows
15:43:09.0982 0972 System windows directory: C:\Windows
15:43:09.0982 0972 Running under WOW64
15:43:09.0982 0972 Processor architecture: Intel x64
15:43:09.0982 0972 Number of processors: 2
15:43:09.0982 0972 Page size: 0x1000
15:43:09.0982 0972 Boot type: Safe boot with network
15:43:09.0982 0972 ============================================================
15:43:11.0277 0972 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
15:43:11.0277 0972 \Device\Harddisk0\DR0:
15:43:11.0277 0972 MBR used
15:43:11.0277 0972 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:43:11.0277 0972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:43:11.0323 0972 Initialize success
15:43:11.0323 0972 ============================================================
15:43:21.0963 0780 ============================================================
15:43:21.0963 0780 Scan started
15:43:21.0963 0780 Mode: Manual; TDLFS;
15:43:21.0963 0780 ============================================================
15:43:29.0061 0780 secdrv - ok
15:43:29.0092 0780 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:43:29.0092 0780 Serenum - ok
15:43:29.0108 0780 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:43:29.0108 0780 Serial - ok
15:43:29.0139 0780 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:43:29.0139 0780 sermouse - ok
15:43:29.0170 0780 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:43:29.0170 0780 sffdisk - ok
15:43:29.0186 0780 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:43:29.0186 0780 sffp_mmc - ok
15:43:29.0201 0780 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:43:29.0201 0780 sffp_sd - ok
15:43:29.0201 0780 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:43:29.0201 0780 sfloppy - ok
15:43:29.0232 0780 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:43:29.0232 0780 SiSRaid2 - ok
15:43:29.0248 0780 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:43:29.0248 0780 SiSRaid4 - ok
15:43:29.0264 0780 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:43:29.0279 0780 Smb - ok
15:43:29.0295 0780 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:43:29.0295 0780 spldr - ok
15:43:29.0342 0780 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:43:29.0342 0780 srv - ok
15:43:29.0388 0780 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:43:29.0388 0780 srv2 - ok
15:43:29.0420 0780 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:43:29.0420 0780 srvnet - ok
15:43:29.0451 0780 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:43:29.0451 0780 stexstor - ok
15:43:29.0498 0780 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:43:29.0498 0780 storflt - ok
15:43:29.0513 0780 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:43:29.0513 0780 storvsc - ok
15:43:29.0529 0780 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:43:29.0529 0780 swenum - ok
15:43:29.0576 0780 Synth3dVsc - ok
15:43:29.0638 0780 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:43:29.0669 0780 Tcpip - ok
15:43:29.0716 0780 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:43:29.0732 0780 TCPIP6 - ok
15:43:29.0763 0780 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:43:29.0763 0780 tcpipreg - ok
15:43:29.0794 0780 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:43:29.0794 0780 TDPIPE - ok
15:43:29.0810 0780 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:43:29.0810 0780 TDTCP - ok
15:43:29.0841 0780 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:43:29.0841 0780 tdx - ok
15:43:29.0872 0780 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:43:29.0872 0780 TermDD - ok
15:43:29.0934 0780 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:43:29.0934 0780 tssecsrv - ok
15:43:29.0981 0780 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:43:29.0981 0780 TsUsbFlt - ok
15:43:29.0997 0780 tsusbhub - ok
15:43:30.0044 0780 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:43:30.0044 0780 tunnel - ok
15:43:30.0075 0780 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:43:30.0075 0780 uagp35 - ok
15:43:30.0106 0780 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:43:30.0106 0780 udfs - ok
15:43:30.0153 0780 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:43:30.0153 0780 uliagpkx - ok
15:43:30.0184 0780 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:43:30.0184 0780 umbus - ok
15:43:30.0200 0780 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:43:30.0215 0780 UmPass - ok
15:43:30.0231 0780 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:43:30.0231 0780 usbccgp - ok
15:43:30.0262 0780 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:43:30.0262 0780 usbcir - ok
15:43:30.0278 0780 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:43:30.0278 0780 usbehci - ok
15:43:30.0293 0780 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:43:30.0309 0780 usbhub - ok
15:43:30.0324 0780 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:43:30.0324 0780 usbohci - ok
15:43:30.0340 0780 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:43:30.0340 0780 usbprint - ok
15:43:30.0356 0780 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:43:30.0356 0780 USBSTOR - ok
15:43:30.0371 0780 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:43:30.0371 0780 usbuhci - ok
15:43:30.0402 0780 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:43:30.0402 0780 vdrvroot - ok
15:43:30.0449 0780 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:43:30.0449 0780 vga - ok
15:43:30.0480 0780 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:43:30.0480 0780 VgaSave - ok
15:43:30.0496 0780 VGPU - ok
15:43:30.0543 0780 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:43:30.0543 0780 vhdmp - ok
15:43:30.0605 0780 VIAHdAudAddService (906a7c6b6659a650648cf21998270945) C:\Windows\system32\drivers\viahduaa.sys
15:43:30.0636 0780 VIAHdAudAddService - ok
15:43:30.0668 0780 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:43:30.0668 0780 viaide - ok
15:43:30.0699 0780 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:43:30.0699 0780 vmbus - ok
15:43:30.0730 0780 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:43:30.0730 0780 VMBusHID - ok
15:43:30.0761 0780 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:43:30.0761 0780 volmgr - ok
15:43:30.0792 0780 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:43:30.0808 0780 volmgrx - ok
15:43:30.0839 0780 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:43:30.0839 0780 volsnap - ok
15:43:30.0886 0780 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:43:30.0886 0780 vsmraid - ok
15:43:30.0902 0780 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:43:30.0902 0780 vwifibus - ok
15:43:30.0933 0780 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:43:30.0933 0780 WacomPen - ok
15:43:30.0964 0780 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:43:30.0964 0780 WANARP - ok
15:43:30.0964 0780 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:43:30.0964 0780 Wanarpv6 - ok
15:43:31.0011 0780 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:43:31.0011 0780 Wd - ok
15:43:31.0026 0780 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:43:31.0042 0780 Wdf01000 - ok
15:43:31.0089 0780 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:31.0089 0780 WfpLwf - ok
15:43:31.0120 0780 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:43:31.0120 0780 WIMMount - ok
15:43:31.0182 0780 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:43:31.0182 0780 WmiAcpi - ok
15:43:31.0198 0780 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:43:31.0198 0780 ws2ifsl - ok
15:43:31.0260 0780 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:43:31.0260 0780 WudfPf - ok
15:43:31.0292 0780 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:43:31.0448 0780 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:43:31.0448 0780 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:43:31.0479 0780 Boot (0x1200) (d6c65b4dfb4e2e29ce83d7cf59a662a2) \Device\Harddisk0\DR0\Partition0
15:43:31.0479 0780 \Device\Harddisk0\DR0\Partition0 - ok
15:43:31.0479 0780 Boot (0x1200) (5c946b4f131168751130991049ec05f9) \Device\Harddisk0\DR0\Partition1
15:43:31.0479 0780 \Device\Harddisk0\DR0\Partition1 - ok
15:43:31.0479 0780 ============================================================
15:43:31.0479 0780 Scan finished
15:43:31.0479 0780 ============================================================
15:43:31.0494 1408 Detected object count: 1
15:43:31.0494 1408 Actual detected object count: 1
15:43:47.0921 1408 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:43:47.0921 1408 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:43:57.0188 0904 Deinitialize success

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-08 15:46:33
-----------------------------
15:46:33.874 OS Version: Windows x64 6.1.7601 Service Pack 1
15:46:33.874 Number of processors: 2 586 0x602
15:46:33.874 ComputerName: KEB-656853 UserName: Kris
15:46:35.809 Initialize success
15:46:36.635 AVAST engine defs: 12030800
15:47:04.107 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-1
15:47:04.107 Disk 0 Vendor: WDC_WD5000AAKX-001CA0 15.01H15 Size: 476940MB BusType: 3
15:47:04.123 Disk 0 MBR read successfully
15:47:04.123 Disk 0 MBR scan
15:47:04.435 Disk 0 Windows 7 default MBR code
15:47:04.450 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 100 MB offset 2048
15:47:04.731 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 476838 MB offset 206848
15:47:04.762 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 976771072
15:47:04.856 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk]
15:47:05.043 Disk 0 scanning C:\Windows\system32\drivers
15:47:17.055 Service scanning
15:47:23.155 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
15:47:31.345 Modules scanning
15:47:31.345 Disk 0 trace - called modules:
15:47:31.360 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:47:31.360 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a41060]
15:47:31.360 3 CLASSPNP.SYS[fffff880019bd43f] -> nt!IofCallDriver -> [0xfffffa80048e1e40]
15:47:31.376 5 ACPI.sys[fffff88000eeb7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-1[0xfffffa80048ef060]
15:47:32.733 AVAST engine scan C:\Windows
15:47:35.978 AVAST engine scan C:\Windows\system32
15:49:27.050 AVAST engine scan C:\Windows\system32\drivers
15:49:34.663 AVAST engine scan C:\Users\Kris
15:52:54.343 Disk 0 MBR has been saved successfully to "C:\Users\Kris\Documents\MBR.dat"
15:52:54.359 The log file has been saved successfully to "C:\Users\Kris\Documents\aswMBR2.txt"

#6 narenxp

Posted 08 March 2012 - 07:20 PM

We need to take a deeper look

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#7 Bradix

Posted 08 March 2012 - 11:19 PM

Thanks Narenxp, posted it here http://www.bleepingcomputer.com/forums/topic445554.html

Hope I did it right, I had to edit it because I accidentally put the Attache for a sec on the paste heh

Thanks for your help.

#8 boopme

Posted 09 March 2012 - 12:13 AM

Now that your log is properly posted and replied to, to avoid confusion, I am closing this topic.