
Wireless connection resets and issues with going to any google site


  • This topic is locked
8 replies to this topic

#1 Reinette

Reinette

  • Members
  • 4 posts

Posted 11 March 2012 - 12:05 PM

I've been having issues with my wireless internet connection for a few days now. It would stop working but I would show that the connection was fine. Then google.com stopped pulling up and anything pulling from google would 404. I did a Malwarebytes scan and it keeps finding that C:\Windows\svchost.exe is bad and tries to delete it. Reboot and almost immediately it comes back.

I just don't know what to do to get rid of it.

Update: I did a Spybot scan and it found the file and called it Smitfraud-C.gp

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Ashley at 12:54:32 on 2012-03-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8099.5993 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRAM FILES (X86)\MICROTOUCH\MT 7\TwService.exe
C:\PROGRAM FILES (X86)\MICROTOUCH\MT 7\TwRegSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\WN311BFCS.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\M.Play Home Center\MHC.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.exe
C:\Users\Ashley\AppData\Roaming\Google\Google Talk\googletalk.exe
L:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\MicroTouch\MT 7\TwMonitor.exe
C:\Windows\V0640Mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lucidlogix Technologies\VIRTU\EKAG20NT.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://confucius.qcc.mass.edu/ics/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - L:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - L:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [googletalk] C:\Users\Ashley\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [OfficeSyncProcess] "L:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
mRun: [V0640Mon.exe] C:\Windows\V0640Mon.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [AS00_WN311B] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe -hide
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "L:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [ipTray.exe] "C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOUCHM~1.LNK - C:\Program Files (x86)\MicroTouch\MT 7\TwMonitor.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - L:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - L:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - L:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - L:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3E114174-8D0F-443A-BBEF-692A1CE5EA90} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{3E114174-8D0F-443A-BBEF-692A1CE5EA90} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{444A2DA8-72E2-4801-BD4A-FD5CC93B2503}\869737358333D237373303 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4639D582-8BEC-4488-A07B-11423E6AA775} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4639D582-8BEC-4488-A07B-11423E6AA775}\1447865627F637F585350716E6F52374 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4C43318C-3009-4971-A87C-27D47CCCB365} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FDA7A22A-9332-4DB3-AF53-F84D67A2D00C} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FDA7A22A-9332-4DB3-AF53-F84D67A2D00C}\1447865627F637F585350716E6F52374 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - L:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - L:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - L:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [V0640Mon.exe] C:\Windows\V0640Mon.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [AS00_WN311B] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe -hide
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [BCSSync] "L:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [ipTray.exe] "C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe"
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
AppInit_DLLs-X64: C:\Windows\SysWOW64\appinit_dll.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - L:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\4lkaafjm.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: L:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: L:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-7-17 42184]
R2 IduService;Intel® Desktop Utilities Service;C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [2011-11-10 124616]
R2 Intel® Desktop Boards FSC Application Service;Intel® Desktop Boards FSC Application Service;C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [2011-11-10 61440]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 MBAMService;MBAMService;L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-11 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-17 2214504]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-2-9 531328]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]
R2 TwDrvService;MT7 Serial Search Service;C:\Program Files (x86)\MicroTouch\MT 7\TwService.exe [2011-9-18 183296]
R2 TwRegSvc;MT7 Registry Service;C:\Program Files (x86)\MicroTouch\MT 7\TwRegSvc.exe [2011-9-18 44544]
R2 WN311BFCS;Netgear WN311B Wireless Control Service;C:\Windows\System32\WN311BFCS.exe [2011-7-23 393216]
R3 cpuio;CPUIO Service;C:\Windows\SysWOW64\drivers\cpuiox64.sys [2012-2-14 15384]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 TwBus;3M MicroTouch Serial Bus Enumerator;C:\Windows\system32\DRIVERS\TwBus.sys --> C:\Windows\system32\DRIVERS\TwBus.sys [?]
R3 TwTouch;3M MicroTouch Sensor;C:\Windows\system32\DRIVERS\TwTouch.sys --> C:\Windows\system32\DRIVERS\TwTouch.sys [?]
R3 V0640Vid;Creative Live! Cam Socialize (VF0640) Driver;C:\Windows\system32\DRIVERS\V0640Vid.sys --> C:\Windows\system32\DRIVERS\V0640Vid.sys [?]
R3 VirtuWDDM;VirtuWDDM;C:\Windows\system32\DRIVERS\VirtuWDDM.sys --> C:\Windows\system32\DRIVERS\VirtuWDDM.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-9-5 8192]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;L:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 NTG43XX;NETGEAR 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\WN311B64.sys --> C:\Windows\system32\DRIVERS\WN311B64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-7-17 24176]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-03-11 16:43:52 20480 ----a-w- C:\Windows\svchost.exe
2012-03-11 14:29:31 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-11 14:01:40 98816 ----a-w- C:\Windows\sed.exe
2012-03-11 14:01:40 518144 ----a-w- C:\Windows\SWREG.exe
2012-03-11 14:01:40 256000 ----a-w- C:\Windows\PEV.exe
2012-03-11 14:01:40 208896 ----a-w- C:\Windows\MBR.exe
2012-03-11 13:52:56 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-03-11 13:43:59 -------- d-----w- C:\Users\Ashley\AppData\Roaming\Malwarebytes
2012-03-11 13:43:53 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-11 13:43:53 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-10 18:08:52 66336 ----a-w- C:\Windows\System32\drivers\VirtuWDDM.sys
2012-03-10 18:08:52 186656 ----a-w- C:\Windows\System32\appinit_dll.dll
2012-03-10 18:08:52 156960 ----a-w- C:\Windows\SysWow64\appinit_dll.dll
2012-03-10 18:08:52 -------- d-----w- C:\Users\Ashley\Lucidlogix
2012-03-10 18:08:52 -------- d-----w- C:\Program Files\Lucidlogix Technologies
2012-03-09 10:19:35 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AF09AAF2-53B6-4AFD-AEAD-02C37D5D92D2}\mpengine.dll
2012-03-03 23:27:37 -------- d-----w- C:\Program Files (x86)\Cisco
2012-03-03 23:27:15 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2012-03-03 23:27:15 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll
2012-03-03 23:27:15 4171328 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS
2012-03-03 23:27:15 3896632 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2012-03-03 23:27:15 3561272 ----a-w- C:\Windows\System32\bcmihvui64.dll
2012-03-03 23:27:15 -------- d-----w- C:\Program Files\Broadcom
2012-03-02 00:19:53 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-03-02 00:19:40 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-03-02 00:19:30 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-03-02 00:19:21 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-02-26 22:10:20 -------- d-----w- C:\Users\Ashley\AppData\Local\ElevatedDiagnostics
2012-02-18 14:41:57 -------- d-----w- C:\Users\Ashley\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801}
2012-02-16 03:16:54 -------- d-----w- C:\Program Files (x86)\SpeedFan
2012-02-15 23:13:15 -------- d-sha-r- C:\ProgramData\Key-Base
2012-02-15 23:11:36 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-02-15 23:10:38 189608 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2012-02-15 23:10:34 337608 ----a-w- C:\Windows\System32\PROUnstl.exe
2012-02-15 23:08:47 -------- d-----w- C:\Windows\System32\2C0A
2012-02-15 23:01:48 -------- d-----w- C:\Program Files\Common Files\Intel
2012-02-15 23:01:48 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-02-15 10:48:36 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 10:48:36 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 10:48:33 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 10:48:33 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 10:48:31 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 10:48:29 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 10:48:24 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 10:48:24 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 05:29:09 -------- d-----w- C:\Users\Ashley\AppData\Roaming\Intel
2012-02-14 05:28:45 15384 ----a-w- C:\Windows\SysWow64\drivers\cpuiox64.sys
2012-02-14 05:28:45 15384 ----a-w- C:\Windows\System32\drivers\cpuiox64.sys
2012-02-14 05:28:43 -------- d-----w- C:\Windows\SysWow64\x64
2012-02-14 05:28:42 970752 ----a-w- C:\Windows\SysWow64\ismbun.exe
2012-02-14 05:28:42 76288 ----a-w- C:\Windows\SysWow64\EfiVar64.dll
2012-02-14 05:28:42 18200 ----a-w- C:\Windows\System32\drivers\variable64.sys
2012-02-14 05:28:42 -------- d-----w- C:\Intel
2012-02-14 05:28:12 -------- d-----w- C:\Users\Ashley\AppData\Local\Downloaded Installations
2012-02-13 21:05:20 18200 ----a-w- C:\Windows\SysWow64\drivers\variable64.sys
2012-02-13 21:03:16 -------- d-----w- C:\EbuDllTmpDir
2012-02-13 21:03:14 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
.
==================== Find3M ====================
.
2012-03-10 17:46:33 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-14 05:27:57 28544 ----a-w- C:\Windows\System32\drivers\intelsmb.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-12-13 23:27:30 4718952 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2011-12-13 21:58:20 1560168 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2011-12-13 16:01:00 1698408 ----a-w- C:\Windows\RtlExUpd.dll
2011-12-12 22:20:18 100456 ----a-w- C:\Windows\System32\RCoInstII64.dll
.
============= FINISH: 12:54:58.23 ===============


Edited by Reinette, 11 March 2012 - 01:55 PM.




#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ

Posted 11 March 2012 - 03:06 PM

Good evening. :)

Download aswMBR.exe from here and save it to your Desktop.

  • Double click the tool to run it.
  • When prompted "Would you like to download latest Avast! virus definitions?" click No.
  • Click the Scan button to, well, start the scan - obvious really!
  • Once the scan reports "Scan finished successfully" click Save log.
  • On my system it offers to save it to the Desktop, which may or may not be its default behaviour, but it's as handy a place as any.
  • You'll also see a file called MBR.dat appear as well - this is a backup that it created, just in case it's needed. Keep it handy for now.

I'd like the contents of aswMBR.txt in your next reply, if you'd be so kind.

So long, and thanks for all the fish.

 

 


#3 Reinette

Reinette
  • Topic Starter

  • Members
  • 4 posts

Posted 11 March 2012 - 03:10 PM

Thanks for the help! Here is the log...


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 16:07:44
-----------------------------
16:07:44.943 OS Version: Windows x64 6.1.7601 Service Pack 1
16:07:44.944 Number of processors: 4 586 0x2A07
16:07:44.944 ComputerName: ASHLEY-PC UserName: Ashley
16:07:45.117 Initialize success
16:07:45.246 AVAST engine defs: 12031101
16:08:04.869 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
16:08:04.870 Disk 0 Vendor: Size: 0MB BusType: 0
16:08:04.872 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
16:08:04.873 Disk 1 Vendor: Size: 0MB BusType: 0
16:08:04.875 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP0T0L0-0
16:08:04.877 Disk 2 Vendor: Size: 0MB BusType: 0
16:08:04.880 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP2T0L0-2
16:08:04.882 Disk 3 Vendor: Size: 0MB BusType: 0
16:08:04.885 Device \Driver\atapi -> MajorFunction fffffa80074075c4
16:08:04.888 Disk 2 MBR read successfully
16:08:04.890 Disk 2 MBR scan
16:08:04.893 Disk 2 MBR:Alureon-M [Rtk]
16:08:04.896 Disk 2 TDL4@MBR code has been found
16:08:04.900 Disk 2 MBR hidden
16:08:04.903 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:08:04.907 Disk 2 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
16:08:04.911 Disk 2 MBR [TDL4] **ROOTKIT**
16:08:04.917 Disk 2 scanning C:\Windows\system32\drivers
16:08:06.293 Service scanning
16:08:09.710 Modules scanning
16:08:09.715 Disk 2 trace - called modules:
16:08:09.724 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80074075c4]<<
16:08:09.728 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xfffffa8007267060]
16:08:09.731 3 CLASSPNP.SYS[fffff880019a343f] -> nt!IofCallDriver -> [0xfffffa8006eea1e0]
16:08:09.735 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006bdb680]
16:08:09.738 \Driver\atapi[0xfffffa8006a15060] -> IRP_MJ_CREATE -> 0xfffffa80074075c4
16:08:09.876 AVAST engine scan C:\Windows
16:08:10.239 AVAST engine scan C:\Windows\system32
16:08:35.702 AVAST engine scan C:\Windows\system32\drivers
16:08:37.634 AVAST engine scan C:\Users\Ashley
16:08:49.808 AVAST engine scan C:\ProgramData
16:08:54.860 Scan finished successfully
16:09:19.355 Disk 2 MBR has been saved successfully to "L:\Users\Ashley\Desktop\MBR.dat"
16:09:19.371 The log file has been saved successfully to "L:\Users\Ashley\Desktop\aswMBR.txt"

#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ

Posted 11 March 2012 - 04:01 PM

Download TDSSKiller.zip from Kaspersky from here and save it to your Desktop.

  • You will then need to extract the file(s) from the zipped folder.
  • To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...
    In the Extraction Wizard window that opens, click on Next> and in the next window that appears, click on Next> again.
    In the final window, click on Finish

  • Please close all open programs as this may result in a reboot being necessary.
  • Double click TDSSKiller.exe to begin.
  • Click Change parameters and check the two boxes under Additional Options.
  • Click Start scan and allow the tool to do just that.
  • Once the scan has completed, if the tool has identified anything allow it to carry out its default action(s) - you'll need to click Continue where appropriate.
  • Finally, if it prompts you to reboot your machine, please click Reboot Now and ensure that your machine does so.
  • If the scan finds nothing, please click the Report button and let me have a copy of the text file that opens.
  • If you reboot your machine, the log, which I'd like to see, will be located at the root of your hard drive as C:\TDSSKiller.Version_Date_Time_log.txt.
    Please check that you get the one with the right date and time. :)

So long, and thanks for all the fish.

 

 


#5 Reinette

Reinette
  • Topic Starter

  • Members
  • 4 posts

Posted 11 March 2012 - 05:50 PM

Here you go...

18:44:52.0280 5656 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:44:52.0291 5656 usbuhci - ok
18:44:52.0306 5656 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
18:44:52.0321 5656 usbvideo - ok
18:44:52.0339 5656 V0640Vid (34af631f8d8bdbe77e7fbd99ff147d3f) C:\Windows\system32\DRIVERS\V0640Vid.sys
18:44:52.0352 5656 V0640Vid - ok
18:44:52.0368 5656 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:44:52.0376 5656 vdrvroot - ok
18:44:52.0391 5656 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:44:52.0403 5656 vga - ok
18:44:52.0417 5656 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:44:52.0445 5656 VgaSave - ok
18:44:52.0461 5656 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:44:52.0473 5656 vhdmp - ok
18:44:52.0487 5656 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:44:52.0495 5656 viaide - ok
18:44:52.0510 5656 VirtuWDDM (ae6afc99525d6ad4a450ab3c0ebc9eea) C:\Windows\system32\DRIVERS\VirtuWDDM.sys
18:44:52.0518 5656 VirtuWDDM - ok
18:44:52.0533 5656 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:44:52.0543 5656 vmbus - ok
18:44:52.0557 5656 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:44:52.0568 5656 VMBusHID - ok
18:44:52.0582 5656 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:44:52.0591 5656 volmgr - ok
18:44:52.0609 5656 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:44:52.0622 5656 volmgrx - ok
18:44:52.0639 5656 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:44:52.0652 5656 volsnap - ok
18:44:52.0668 5656 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:44:52.0679 5656 vsmraid - ok
18:44:52.0694 5656 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:44:52.0707 5656 vwifibus - ok
18:44:52.0721 5656 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:44:52.0739 5656 vwififlt - ok
18:44:52.0754 5656 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:44:52.0768 5656 vwifimp - ok
18:44:52.0786 5656 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:44:52.0797 5656 WacomPen - ok
18:44:52.0812 5656 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:44:52.0841 5656 WANARP - ok
18:44:52.0844 5656 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:44:52.0872 5656 Wanarpv6 - ok
18:44:52.0892 5656 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:44:52.0900 5656 Wd - ok
18:44:52.0919 5656 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:44:52.0938 5656 Wdf01000 - ok
18:44:52.0959 5656 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:44:52.0988 5656 WfpLwf - ok
18:44:53.0002 5656 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:44:53.0010 5656 WIMMount - ok
18:44:53.0035 5656 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:44:53.0048 5656 WinUsb - ok
18:44:53.0063 5656 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:44:53.0074 5656 WmiAcpi - ok
18:44:53.0096 5656 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:44:53.0124 5656 ws2ifsl - ok
18:44:53.0143 5656 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:44:53.0172 5656 WudfPf - ok
18:44:53.0188 5656 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:44:53.0218 5656 WUDFRd - ok
18:44:53.0230 5656 __FOX__FOXONE_DRIVER__ - ok
18:44:53.0248 5656 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk3\DR3
18:44:53.0248 5656 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - infected
18:44:53.0248 5656 \Device\Harddisk3\DR3 - detected Rootkit.Boot.Pihar.b (0)
18:44:53.0274 5656 \Device\Harddisk3\DR3 ( TDSS File System ) - warning
18:44:53.0274 5656 \Device\Harddisk3\DR3 - detected TDSS File System (1)
18:44:53.0277 5656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:44:53.0300 5656 \Device\Harddisk0\DR0 - ok
18:44:53.0302 5656 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
18:44:53.0365 5656 \Device\Harddisk1\DR1 - ok
18:44:53.0380 5656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
18:44:53.0445 5656 \Device\Harddisk2\DR2 - ok
18:44:53.0447 5656 Boot (0x1200) (5980f7335d10ef55e93c0694e279194d) \Device\Harddisk3\DR3\Partition0
18:44:53.0448 5656 \Device\Harddisk3\DR3\Partition0 - ok
18:44:53.0450 5656 Boot (0x1200) (7945a0f0f3ff7fadde06c2f495e60c9b) \Device\Harddisk3\DR3\Partition1
18:44:53.0450 5656 \Device\Harddisk3\DR3\Partition1 - ok
18:44:53.0452 5656 Boot (0x1200) (bc2cd11a1b88dd7e6b5f165915d9b23f) \Device\Harddisk0\DR0\Partition0
18:44:53.0453 5656 \Device\Harddisk0\DR0\Partition0 - ok
18:44:53.0454 5656 Boot (0x1200) (f3d6a88930720ea1059f8dbd3d247912) \Device\Harddisk1\DR1\Partition0
18:44:53.0455 5656 \Device\Harddisk1\DR1\Partition0 - ok
18:44:53.0489 5656 Boot (0x1200) (c98561df38e4391e8db588aa3fa3474d) \Device\Harddisk2\DR2\Partition0
18:44:53.0490 5656 \Device\Harddisk2\DR2\Partition0 - ok
18:44:53.0490 5656 ============================================================
18:44:53.0490 5656 Scan finished
18:44:53.0490 5656 ============================================================
18:44:53.0496 4376 Detected object count: 2
18:44:53.0497 4376 Actual detected object count: 2
18:45:27.0847 4376 \Device\Harddisk3\DR3\# - copied to quarantine
18:45:27.0847 4376 \Device\Harddisk3\DR3 - copied to quarantine
18:45:27.0880 4376 \Device\Harddisk3\DR3\TDLFS\ph.dll - copied to quarantine
18:45:27.0881 4376 \Device\Harddisk3\DR3\TDLFS\phx.dll - copied to quarantine
18:45:27.0885 4376 \Device\Harddisk3\DR3\TDLFS\sub.dll - copied to quarantine
18:45:27.0888 4376 \Device\Harddisk3\DR3\TDLFS\subx.dll - copied to quarantine
18:45:27.0896 4376 \Device\Harddisk3\DR3\TDLFS\phd - copied to quarantine
18:45:27.0902 4376 \Device\Harddisk3\DR3\TDLFS\phdx - copied to quarantine
18:45:27.0903 4376 \Device\Harddisk3\DR3\TDLFS\phs - copied to quarantine
18:45:27.0904 4376 \Device\Harddisk3\DR3\TDLFS\phdata - copied to quarantine
18:45:27.0905 4376 \Device\Harddisk3\DR3\TDLFS\phld - copied to quarantine
18:45:27.0907 4376 \Device\Harddisk3\DR3\TDLFS\phln - copied to quarantine
18:45:27.0910 4376 \Device\Harddisk3\DR3\TDLFS\phlx - copied to quarantine
18:45:27.0911 4376 \Device\Harddisk3\DR3\TDLFS\phm - copied to quarantine
18:45:27.0913 4376 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:45:27.0913 4376 \Device\Harddisk3\DR3 - ok
18:45:27.0947 4376 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
18:45:27.0948 4376 \Device\Harddisk3\DR3 ( TDSS File System ) - skipped by user
18:45:27.0948 4376 \Device\Harddisk3\DR3 ( TDSS File System ) - User select action: Skip
18:45:38.0493 4580 Deinitialize success

Here you go...

18:44:33.0741 4936 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
18:44:34.0036 4936 ============================================================
18:44:34.0036 4936 Current date / time: 2012/03/11 18:44:34.0036
18:44:34.0036 4936 SystemInfo:
18:44:34.0036 4936
18:44:34.0036 4936 OS Version: 6.1.7601 ServicePack: 1.0
18:44:34.0036 4936 Product type: Workstation
18:44:34.0036 4936 ComputerName: ASHLEY-PC
18:44:34.0036 4936 UserName: Ashley
18:44:34.0036 4936 Windows directory: C:\Windows
18:44:34.0036 4936 System windows directory: C:\Windows
18:44:34.0037 4936 Running under WOW64
18:44:34.0037 4936 Processor architecture: Intel x64
18:44:34.0037 4936 Number of processors: 4
18:44:34.0037 4936 Page size: 0x1000
18:44:34.0037 4936 Boot type: Normal boot
18:44:34.0037 4936 ============================================================
18:44:34.0237 4936 Drive \Device\Harddisk3\DR3 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:34.0237 4936 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:34.0248 4936 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:34.0262 4936 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:34.0291 4936 \Device\Harddisk3\DR3:
18:44:34.0291 4936 MBR used
18:44:34.0291 4936 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:44:34.0291 4936 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
18:44:34.0291 4936 \Device\Harddisk0\DR0:
18:44:34.0291 4936 MBR used
18:44:34.0291 4936 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E000
18:44:34.0291 4936 \Device\Harddisk1\DR1:
18:44:34.0291 4936 MBR used
18:44:34.0291 4936 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
18:44:34.0291 4936 \Device\Harddisk2\DR2:
18:44:34.0291 4936 MBR used
18:44:34.0291 4936 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
18:44:34.0343 4936 Initialize success
18:44:34.0343 4936 ============================================================
18:44:42.0958 5656 ============================================================
18:44:42.0958 5656 Scan started
18:44:42.0958 5656 Mode: Manual; SigCheck; TDLFS;
18:44:42.0958 5656 ============================================================
18:44:49.0470 5656 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:44:49.0480 5656 nv_agp - ok
18:44:49.0494 5656 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:44:49.0505 5656 ohci1394 - ok
18:44:49.0527 5656 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:44:49.0539 5656 Parport - ok
18:44:49.0553 5656 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:44:49.0562 5656 partmgr - ok
18:44:49.0566 5656 pbfilter (7c0582921913d00180ec2b8518ba135c) C:\Program Files\PeerBlock\pbfilter.sys
18:44:49.0576 5656 pbfilter - ok
18:44:49.0592 5656 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:44:49.0603 5656 pci - ok
18:44:49.0616 5656 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:44:49.0624 5656 pciide - ok
18:44:49.0640 5656 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:44:49.0651 5656 pcmcia - ok
18:44:49.0666 5656 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:44:49.0675 5656 pcw - ok
18:44:49.0697 5656 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:44:49.0734 5656 PEAUTH - ok
18:44:49.0761 5656 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
18:44:49.0768 5656 Point64 - ok
18:44:49.0786 5656 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:44:49.0815 5656 PptpMiniport - ok
18:44:49.0829 5656 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:44:49.0841 5656 Processor - ok
18:44:49.0859 5656 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:44:49.0888 5656 Psched - ok
18:44:49.0916 5656 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:44:49.0948 5656 ql2300 - ok
18:44:49.0963 5656 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:44:49.0973 5656 ql40xx - ok
18:44:49.0988 5656 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:44:50.0003 5656 QWAVEdrv - ok
18:44:50.0016 5656 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:44:50.0045 5656 RasAcd - ok
18:44:50.0059 5656 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:44:50.0088 5656 RasAgileVpn - ok
18:44:50.0104 5656 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:44:50.0133 5656 Rasl2tp - ok
18:44:50.0149 5656 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:44:50.0179 5656 RasPppoe - ok
18:44:50.0193 5656 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:44:50.0223 5656 RasSstp - ok
18:44:50.0240 5656 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:44:50.0271 5656 rdbss - ok
18:44:50.0286 5656 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:44:50.0299 5656 rdpbus - ok
18:44:50.0314 5656 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:44:50.0343 5656 RDPCDD - ok
18:44:50.0361 5656 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:44:50.0373 5656 RDPDR - ok
18:44:50.0388 5656 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:44:50.0416 5656 RDPENCDD - ok
18:44:50.0431 5656 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:44:50.0459 5656 RDPREFMP - ok
18:44:50.0475 5656 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
18:44:50.0505 5656 RDPWD - ok
18:44:50.0521 5656 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:44:50.0532 5656 rdyboost - ok
18:44:50.0548 5656 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:44:50.0557 5656 RimUsb - ok
18:44:50.0575 5656 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:44:50.0604 5656 rspndr - ok
18:44:50.0621 5656 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:44:50.0634 5656 RTL8167 - ok
18:44:50.0655 5656 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
18:44:50.0674 5656 RTL8192su - ok
18:44:50.0687 5656 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:44:50.0698 5656 s3cap - ok
18:44:50.0713 5656 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:44:50.0722 5656 sbp2port - ok
18:44:50.0737 5656 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:44:50.0766 5656 scfilter - ok
18:44:50.0783 5656 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:44:50.0812 5656 secdrv - ok
18:44:50.0829 5656 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:44:50.0840 5656 Serenum - ok
18:44:50.0855 5656 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:44:50.0867 5656 Serial - ok
18:44:50.0881 5656 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:44:50.0892 5656 sermouse - ok
18:44:50.0910 5656 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:44:50.0923 5656 sffdisk - ok
18:44:50.0936 5656 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:44:50.0949 5656 sffp_mmc - ok
18:44:50.0963 5656 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:44:50.0975 5656 sffp_sd - ok
18:44:50.0989 5656 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:44:51.0000 5656 sfloppy - ok
18:44:51.0017 5656 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:44:51.0026 5656 SiSRaid2 - ok
18:44:51.0040 5656 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:44:51.0049 5656 SiSRaid4 - ok
18:44:51.0064 5656 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:44:51.0094 5656 Smb - ok
18:44:51.0109 5656 smbusp (3da591bbab178a3152b8685dc43b20cd) C:\Windows\system32\DRIVERS\intelsmb.sys
18:44:51.0119 5656 smbusp - ok
18:44:51.0124 5656 speedfan - ok
18:44:51.0143 5656 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:44:51.0151 5656 spldr - ok
18:44:51.0175 5656 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:44:51.0193 5656 srv - ok
18:44:51.0213 5656 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:44:51.0230 5656 srv2 - ok
18:44:51.0247 5656 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:44:51.0260 5656 srvnet - ok
18:44:51.0281 5656 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:44:51.0290 5656 stexstor - ok
18:44:51.0307 5656 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:44:51.0315 5656 storflt - ok
18:44:51.0332 5656 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:44:51.0340 5656 storvsc - ok
18:44:51.0355 5656 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
18:44:51.0363 5656 swenum - ok
18:44:51.0402 5656 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:44:51.0440 5656 Tcpip - ok
18:44:51.0473 5656 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:44:51.0504 5656 TCPIP6 - ok
18:44:51.0519 5656 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:44:51.0548 5656 tcpipreg - ok
18:44:51.0562 5656 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:44:51.0591 5656 TDPIPE - ok
18:44:51.0604 5656 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:44:51.0633 5656 TDTCP - ok
18:44:51.0648 5656 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:44:51.0676 5656 tdx - ok
18:44:51.0691 5656 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
18:44:51.0699 5656 TermDD - ok
18:44:51.0720 5656 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:44:51.0749 5656 tssecsrv - ok
18:44:51.0763 5656 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:44:51.0773 5656 TsUsbFlt - ok
18:44:51.0787 5656 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
18:44:51.0798 5656 TsUsbGD - ok
18:44:51.0814 5656 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:44:51.0843 5656 tunnel - ok
18:44:51.0857 5656 TwBus (7d918d1b87719d4f063dccc2615dce36) C:\Windows\system32\DRIVERS\TwBus.sys
18:44:51.0865 5656 TwBus - ok
18:44:51.0883 5656 TwTouch (f0901a250797760536d55ce46a5f4c37) C:\Windows\system32\DRIVERS\TwTouch.sys
18:44:51.0895 5656 TwTouch - ok
18:44:51.0909 5656 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:44:51.0918 5656 uagp35 - ok
18:44:51.0935 5656 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:44:51.0967 5656 udfs - ok
18:44:51.0985 5656 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:44:51.0994 5656 uliagpkx - ok
18:44:52.0009 5656 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
18:44:52.0020 5656 umbus - ok
18:44:52.0034 5656 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:44:52.0046 5656 UmPass - ok
18:44:52.0063 5656 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:44:52.0077 5656 usbaudio - ok
18:44:52.0092 5656 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:44:52.0103 5656 usbccgp - ok
18:44:52.0117 5656 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
18:44:52.0132 5656 usbcir - ok
18:44:52.0146 5656 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:44:52.0157 5656 usbehci - ok
18:44:52.0174 5656 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:44:52.0189 5656 usbhub - ok
18:44:52.0202 5656 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:44:52.0213 5656 usbohci - ok
18:44:52.0227 5656 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
18:44:52.0240 5656 usbprint - ok
18:44:52.0254 5656 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:44:52.0266 5656 USBSTOR - ok
18:44:52.0280 5656 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:44:52.0291 5656 usbuhci - ok
18:44:52.0306 5656 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
18:44:52.0321 5656 usbvideo - ok
18:44:52.0339 5656 V0640Vid (34af631f8d8bdbe77e7fbd99ff147d3f) C:\Windows\system32\DRIVERS\V0640Vid.sys
18:44:52.0352 5656 V0640Vid - ok
18:44:52.0368 5656 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:44:52.0376 5656 vdrvroot - ok
18:44:52.0391 5656 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:44:52.0403 5656 vga - ok
18:44:52.0417 5656 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:44:52.0445 5656 VgaSave - ok
18:44:52.0461 5656 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:44:52.0473 5656 vhdmp - ok
18:44:52.0487 5656 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:44:52.0495 5656 viaide - ok
18:44:52.0510 5656 VirtuWDDM (ae6afc99525d6ad4a450ab3c0ebc9eea) C:\Windows\system32\DRIVERS\VirtuWDDM.sys
18:44:52.0518 5656 VirtuWDDM - ok
18:44:52.0533 5656 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:44:52.0543 5656 vmbus - ok
18:44:52.0557 5656 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:44:52.0568 5656 VMBusHID - ok
18:44:52.0582 5656 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:44:52.0591 5656 volmgr - ok
18:44:52.0609 5656 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:44:52.0622 5656 volmgrx - ok
18:44:52.0639 5656 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:44:52.0652 5656 volsnap - ok
18:44:52.0668 5656 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:44:52.0679 5656 vsmraid - ok
18:44:52.0694 5656 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:44:52.0707 5656 vwifibus - ok
18:44:52.0721 5656 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:44:52.0739 5656 vwififlt - ok
18:44:52.0754 5656 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:44:52.0768 5656 vwifimp - ok
18:44:52.0786 5656 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:44:52.0797 5656 WacomPen - ok
18:44:52.0812 5656 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:44:52.0841 5656 WANARP - ok
18:44:52.0844 5656 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:44:52.0872 5656 Wanarpv6 - ok
18:44:52.0892 5656 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:44:52.0900 5656 Wd - ok
18:44:52.0919 5656 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:44:52.0938 5656 Wdf01000 - ok
18:44:52.0959 5656 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:44:52.0988 5656 WfpLwf - ok
18:44:53.0002 5656 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:44:53.0010 5656 WIMMount - ok
18:44:53.0035 5656 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:44:53.0048 5656 WinUsb - ok
18:44:53.0063 5656 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:44:53.0074 5656 WmiAcpi - ok
18:44:53.0096 5656 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:44:53.0124 5656 ws2ifsl - ok
18:44:53.0143 5656 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:44:53.0172 5656 WudfPf - ok
18:44:53.0188 5656 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:44:53.0218 5656 WUDFRd - ok
18:44:53.0230 5656 __FOX__FOXONE_DRIVER__ - ok
18:44:53.0248 5656 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk3\DR3
18:44:53.0248 5656 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - infected
18:44:53.0248 5656 \Device\Harddisk3\DR3 - detected Rootkit.Boot.Pihar.b (0)
18:44:53.0274 5656 \Device\Harddisk3\DR3 ( TDSS File System ) - warning
18:44:53.0274 5656 \Device\Harddisk3\DR3 - detected TDSS File System (1)
18:44:53.0277 5656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:44:53.0300 5656 \Device\Harddisk0\DR0 - ok
18:44:53.0302 5656 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
18:44:53.0365 5656 \Device\Harddisk1\DR1 - ok
18:44:53.0380 5656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
18:44:53.0445 5656 \Device\Harddisk2\DR2 - ok
18:44:53.0447 5656 Boot (0x1200) (5980f7335d10ef55e93c0694e279194d) \Device\Harddisk3\DR3\Partition0
18:44:53.0448 5656 \Device\Harddisk3\DR3\Partition0 - ok
18:44:53.0450 5656 Boot (0x1200) (7945a0f0f3ff7fadde06c2f495e60c9b) \Device\Harddisk3\DR3\Partition1
18:44:53.0450 5656 \Device\Harddisk3\DR3\Partition1 - ok
18:44:53.0452 5656 Boot (0x1200) (bc2cd11a1b88dd7e6b5f165915d9b23f) \Device\Harddisk0\DR0\Partition0
18:44:53.0453 5656 \Device\Harddisk0\DR0\Partition0 - ok
18:44:53.0454 5656 Boot (0x1200) (f3d6a88930720ea1059f8dbd3d247912) \Device\Harddisk1\DR1\Partition0
18:44:53.0455 5656 \Device\Harddisk1\DR1\Partition0 - ok
18:44:53.0489 5656 Boot (0x1200) (c98561df38e4391e8db588aa3fa3474d) \Device\Harddisk2\DR2\Partition0
18:44:53.0490 5656 \Device\Harddisk2\DR2\Partition0 - ok
18:44:53.0490 5656 ============================================================
18:44:53.0490 5656 Scan finished
18:44:53.0490 5656 ============================================================
18:44:53.0496 4376 Detected object count: 2
18:44:53.0497 4376 Actual detected object count: 2
18:45:27.0847 4376 \Device\Harddisk3\DR3\# - copied to quarantine
18:45:27.0847 4376 \Device\Harddisk3\DR3 - copied to quarantine
18:45:27.0880 4376 \Device\Harddisk3\DR3\TDLFS\ph.dll - copied to quarantine
18:45:27.0881 4376 \Device\Harddisk3\DR3\TDLFS\phx.dll - copied to quarantine
18:45:27.0885 4376 \Device\Harddisk3\DR3\TDLFS\sub.dll - copied to quarantine
18:45:27.0888 4376 \Device\Harddisk3\DR3\TDLFS\subx.dll - copied to quarantine
18:45:27.0896 4376 \Device\Harddisk3\DR3\TDLFS\phd - copied to quarantine
18:45:27.0902 4376 \Device\Harddisk3\DR3\TDLFS\phdx - copied to quarantine
18:45:27.0903 4376 \Device\Harddisk3\DR3\TDLFS\phs - copied to quarantine
18:45:27.0904 4376 \Device\Harddisk3\DR3\TDLFS\phdata - copied to quarantine
18:45:27.0905 4376 \Device\Harddisk3\DR3\TDLFS\phld - copied to quarantine
18:45:27.0907 4376 \Device\Harddisk3\DR3\TDLFS\phln - copied to quarantine
18:45:27.0910 4376 \Device\Harddisk3\DR3\TDLFS\phlx - copied to quarantine
18:45:27.0911 4376 \Device\Harddisk3\DR3\TDLFS\phm - copied to quarantine
18:45:27.0913 4376 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:45:27.0913 4376 \Device\Harddisk3\DR3 - ok
18:45:27.0947 4376 \Device\Harddisk3\DR3 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
18:45:27.0948 4376 \Device\Harddisk3\DR3 ( TDSS File System ) - skipped by user
18:45:27.0948 4376 \Device\Harddisk3\DR3 ( TDSS File System ) - User select action: Skip
18:45:38.0493 4580 Deinitialize success

#6 Noviciate (Malware Response Team)

Posted 11 March 2012 - 06:22 PM

OK, run the tool again and have it Fix/Cure/Delete whatever remnants it finds - I forget the exact wording of the tool, but you'll figure it out, I'm sure. :) Then, as you have a copy of MalwareBytes AntiMalware, make sure it's updated and then run a full scan and let me have the log that it produces, along with the fresh TDSS log as well.

So long, and thanks for all the fish.

 

 


#7 Reinette (Topic Starter)

Posted 11 March 2012 - 06:57 PM

It is working much, much better. Thanks!

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ashley :: ASHLEY-PC [limited]

Protection: Enabled

3/11/2012 7:43:35 PM
mbam-log-2012-03-11 (19-43-35).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 341056
Time elapsed: 9 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

19:56:18.0632 1604 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
19:56:19.0044 1604 ============================================================
19:56:19.0044 1604 Current date / time: 2012/03/11 19:56:19.0044
19:56:19.0044 1604 SystemInfo:
19:56:19.0044 1604
19:56:19.0045 1604 OS Version: 6.1.7601 ServicePack: 1.0
19:56:19.0045 1604 Product type: Workstation
19:56:19.0045 1604 ComputerName: ASHLEY-PC
19:56:19.0045 1604 UserName: Ashley
19:56:19.0045 1604 Windows directory: C:\Windows
19:56:19.0045 1604 System windows directory: C:\Windows
19:56:19.0045 1604 Running under WOW64
19:56:19.0045 1604 Processor architecture: Intel x64
19:56:19.0045 1604 Number of processors: 4
19:56:19.0045 1604 Page size: 0x1000
19:56:19.0045 1604 Boot type: Normal boot
19:56:19.0045 1604 ============================================================
19:56:19.0249 1604 Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:19.0250 1604 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:19.0271 1604 Drive \Device\Harddisk3\DR3 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:19.0329 1604 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:19.0359 1604 \Device\Harddisk2\DR2:
19:56:19.0359 1604 MBR used
19:56:19.0359 1604 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:56:19.0359 1604 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
19:56:19.0359 1604 \Device\Harddisk0\DR0:
19:56:19.0359 1604 MBR used
19:56:19.0359 1604 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E000
19:56:19.0359 1604 \Device\Harddisk3\DR3:
19:56:19.0359 1604 MBR used
19:56:19.0359 1604 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
19:56:19.0359 1604 \Device\Harddisk1\DR1:
19:56:19.0360 1604 MBR used
19:56:19.0360 1604 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
19:56:19.0419 1604 Initialize success
19:56:19.0419 1604 ============================================================
19:56:23.0732 4260 ============================================================
19:56:23.0732 4260 Scan started
19:56:23.0732 4260 Mode: Manual; SigCheck; TDLFS;
19:56:23.0732 4260 ============================================================
19:56:26.0901 4260 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:56:26.0914 4260 FltMgr - ok
19:56:26.0932 4260 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:56:26.0941 4260 FsDepends - ok
19:56:26.0955 4260 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:56:26.0963 4260 Fs_Rec - ok
19:56:26.0979 4260 FTDIBUS (7442bca60ed46cc31c2f39728bbdd9ad) C:\Windows\system32\drivers\ftdibus.sys
19:56:26.0987 4260 FTDIBUS - ok
19:56:27.0003 4260 FTSER2K (121af3148cdda212cffbc4f6240699c2) C:\Windows\system32\drivers\ftser2k.sys
19:56:27.0010 4260 FTSER2K - ok
19:56:27.0027 4260 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:56:27.0040 4260 fvevol - ok
19:56:27.0055 4260 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:56:27.0065 4260 gagp30kx - ok
19:56:27.0079 4260 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:27.0086 4260 GEARAspiWDM - ok
19:56:27.0103 4260 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:56:27.0115 4260 hcw85cir - ok
19:56:27.0133 4260 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:56:27.0150 4260 HdAudAddService - ok
19:56:27.0167 4260 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:27.0181 4260 HDAudBus - ok
19:56:27.0196 4260 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:56:27.0207 4260 HidBatt - ok
19:56:27.0222 4260 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:56:27.0236 4260 HidBth - ok
19:56:27.0252 4260 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:56:27.0265 4260 HidIr - ok
19:56:27.0282 4260 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:56:27.0294 4260 HidUsb - ok
19:56:27.0313 4260 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:56:27.0323 4260 HpSAMD - ok
19:56:27.0345 4260 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:56:27.0381 4260 HTTP - ok
19:56:27.0396 4260 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:56:27.0405 4260 hwpolicy - ok
19:56:27.0420 4260 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:56:27.0431 4260 i8042prt - ok
19:56:27.0452 4260 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:56:27.0468 4260 iaStorV - ok
19:56:27.0600 4260 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:56:27.0769 4260 igfx - ok
19:56:27.0785 4260 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:56:27.0794 4260 iirsp - ok
19:56:27.0856 4260 IntcAzAudAddService (150ac23f21dbdbf8488408ba944b0d65) C:\Windows\system32\drivers\RTKVHD64.sys
19:56:27.0937 4260 IntcAzAudAddService - ok
19:56:27.0957 4260 IntcDAud (ae594cc17c33ac146739494615e14851) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:56:27.0970 4260 IntcDAud - ok
19:56:27.0988 4260 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:56:27.0996 4260 intelide - ok
19:56:28.0012 4260 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:56:28.0024 4260 intelppm - ok
19:56:28.0040 4260 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:28.0068 4260 IpFilterDriver - ok
19:56:28.0085 4260 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:56:28.0097 4260 IPMIDRV - ok
19:56:28.0114 4260 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:56:28.0143 4260 IPNAT - ok
19:56:28.0161 4260 irda (05360b1ea5a2abf620d1d96ebd8bd8f1) C:\Windows\system32\DRIVERS\irda.sys
19:56:28.0184 4260 irda - ok
19:56:28.0199 4260 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:56:28.0213 4260 IRENUM - ok
19:56:28.0229 4260 irsir (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys
19:56:28.0240 4260 irsir - ok
19:56:28.0255 4260 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:56:28.0263 4260 isapnp - ok
19:56:28.0281 4260 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:56:28.0293 4260 iScsiPrt - ok
19:56:28.0308 4260 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:28.0317 4260 kbdclass - ok
19:56:28.0332 4260 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:28.0343 4260 kbdhid - ok
19:56:28.0362 4260 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:56:28.0371 4260 KSecDD - ok
19:56:28.0387 4260 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:56:28.0396 4260 KSecPkg - ok
19:56:28.0412 4260 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:56:28.0440 4260 ksthunk - ok
19:56:28.0459 4260 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
19:56:28.0467 4260 LGBusEnum - ok
19:56:28.0481 4260 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
19:56:28.0488 4260 LGVirHid - ok
19:56:28.0513 4260 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:56:28.0542 4260 lltdio - ok
19:56:28.0563 4260 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:56:28.0572 4260 LSI_FC - ok
19:56:28.0588 4260 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:56:28.0598 4260 LSI_SAS - ok
19:56:28.0613 4260 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:56:28.0622 4260 LSI_SAS2 - ok
19:56:28.0639 4260 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:56:28.0649 4260 LSI_SCSI - ok
19:56:28.0664 4260 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:56:28.0694 4260 luafv - ok
19:56:28.0709 4260 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:56:28.0718 4260 MBAMProtector - ok
19:56:28.0735 4260 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:56:28.0743 4260 megasas - ok
19:56:28.0760 4260 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:56:28.0773 4260 MegaSR - ok
19:56:28.0788 4260 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:56:28.0796 4260 MEIx64 - ok
19:56:28.0814 4260 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:56:28.0842 4260 Modem - ok
19:56:28.0858 4260 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:56:28.0871 4260 monitor - ok
19:56:28.0887 4260 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:56:28.0896 4260 mouclass - ok
19:56:28.0911 4260 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:56:28.0923 4260 mouhid - ok
19:56:28.0939 4260 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:56:28.0948 4260 mountmgr - ok
19:56:28.0964 4260 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:56:28.0975 4260 mpio - ok
19:56:28.0989 4260 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:56:29.0019 4260 mpsdrv - ok
19:56:29.0037 4260 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:56:29.0053 4260 MRxDAV - ok
19:56:29.0069 4260 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:29.0082 4260 mrxsmb - ok
19:56:29.0100 4260 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:29.0113 4260 mrxsmb10 - ok
19:56:29.0128 4260 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:29.0139 4260 mrxsmb20 - ok
19:56:29.0155 4260 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:56:29.0163 4260 msahci - ok
19:56:29.0179 4260 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:56:29.0189 4260 msdsm - ok
19:56:29.0208 4260 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:56:29.0236 4260 Msfs - ok
19:56:29.0252 4260 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:56:29.0280 4260 mshidkmdf - ok
19:56:29.0295 4260 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:56:29.0303 4260 msisadrv - ok
19:56:29.0319 4260 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:56:29.0347 4260 MSKSSRV - ok
19:56:29.0360 4260 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:29.0389 4260 MSPCLOCK - ok
19:56:29.0403 4260 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:56:29.0430 4260 MSPQM - ok
19:56:29.0447 4260 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:56:29.0458 4260 MsRPC - ok
19:56:29.0474 4260 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:29.0483 4260 mssmbios - ok
19:56:29.0497 4260 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:56:29.0526 4260 MSTEE - ok
19:56:29.0540 4260 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:56:29.0551 4260 MTConfig - ok
19:56:29.0565 4260 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:56:29.0573 4260 Mup - ok
19:56:29.0592 4260 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:56:29.0609 4260 NativeWifiP - ok
19:56:29.0631 4260 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:56:29.0650 4260 NDIS - ok
19:56:29.0664 4260 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:29.0693 4260 NdisCap - ok
19:56:29.0707 4260 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:29.0736 4260 NdisTapi - ok
19:56:29.0751 4260 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:29.0779 4260 Ndisuio - ok
19:56:29.0794 4260 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:29.0825 4260 NdisWan - ok
19:56:29.0839 4260 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:56:29.0867 4260 NDProxy - ok
19:56:29.0882 4260 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:56:29.0911 4260 NetBIOS - ok
19:56:29.0927 4260 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:56:29.0955 4260 NetBT - ok
19:56:29.0974 4260 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:56:29.0983 4260 nfrd960 - ok
19:56:29.0998 4260 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:56:30.0027 4260 Npfs - ok
19:56:30.0042 4260 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:56:30.0071 4260 nsiproxy - ok
19:56:30.0103 4260 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:56:30.0130 4260 Ntfs - ok
19:56:30.0175 4260 NTG43XX (5b5c36b2ec500462a715db6bcbaf5da7) C:\Windows\system32\DRIVERS\WN311B64.sys
19:56:30.0228 4260 NTG43XX - ok
19:56:30.0243 4260 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:56:30.0271 4260 Null - ok
19:56:30.0289 4260 nusb3hub (b227e75ad10a142dd326b4cc8d73a6d9) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:56:30.0300 4260 nusb3hub - ok
19:56:30.0317 4260 nusb3xhc (55959db860e4e484681586824d09e52c) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:56:30.0331 4260 nusb3xhc - ok
19:56:30.0464 4260 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:56:30.0677 4260 nvlddmkm - ok
19:56:30.0695 4260 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:56:30.0705 4260 nvraid - ok
19:56:30.0722 4260 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:56:30.0734 4260 nvstor - ok
19:56:30.0753 4260 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:56:30.0764 4260 nv_agp - ok
19:56:30.0779 4260 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:56:30.0791 4260 ohci1394 - ok
19:56:30.0814 4260 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:56:30.0827 4260 Parport - ok
19:56:30.0842 4260 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:56:30.0850 4260 partmgr - ok
19:56:30.0855 4260 pbfilter (7c0582921913d00180ec2b8518ba135c) C:\Program Files\PeerBlock\pbfilter.sys
19:56:30.0865 4260 pbfilter - ok
19:56:30.0884 4260 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:56:30.0894 4260 pci - ok
19:56:30.0909 4260 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:56:30.0918 4260 pciide - ok
19:56:30.0935 4260 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:56:30.0947 4260 pcmcia - ok
19:56:30.0963 4260 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:56:30.0972 4260 pcw - ok
19:56:30.0993 4260 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:56:31.0025 4260 PEAUTH - ok
19:56:31.0054 4260 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
19:56:31.0062 4260 Point64 - ok
19:56:31.0082 4260 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:56:31.0110 4260 PptpMiniport - ok
19:56:31.0124 4260 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:56:31.0137 4260 Processor - ok
19:56:31.0157 4260 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:56:31.0186 4260 Psched - ok
19:56:31.0216 4260 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:56:31.0248 4260 ql2300 - ok
19:56:31.0265 4260 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:56:31.0276 4260 ql40xx - ok
19:56:31.0293 4260 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:56:31.0308 4260 QWAVEdrv - ok
19:56:31.0324 4260 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:56:31.0354 4260 RasAcd - ok
19:56:31.0369 4260 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:31.0398 4260 RasAgileVpn - ok
19:56:31.0416 4260 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:31.0446 4260 Rasl2tp - ok
19:56:31.0464 4260 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:31.0494 4260 RasPppoe - ok
19:56:31.0511 4260 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:56:31.0540 4260 RasSstp - ok
19:56:31.0559 4260 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:56:31.0589 4260 rdbss - ok
19:56:31.0604 4260 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:31.0618 4260 rdpbus - ok
19:56:31.0631 4260 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:31.0660 4260 RDPCDD - ok
19:56:31.0676 4260 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:56:31.0688 4260 RDPDR - ok
19:56:31.0702 4260 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:56:31.0730 4260 RDPENCDD - ok
19:56:31.0746 4260 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:56:31.0773 4260 RDPREFMP - ok
19:56:31.0789 4260 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:56:31.0818 4260 RDPWD - ok
19:56:31.0834 4260 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:56:31.0844 4260 rdyboost - ok
19:56:31.0861 4260 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:56:31.0870 4260 RimUsb - ok
19:56:31.0889 4260 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:56:31.0919 4260 rspndr - ok
19:56:31.0936 4260 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:56:31.0949 4260 RTL8167 - ok
19:56:31.0971 4260 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
19:56:31.0989 4260 RTL8192su - ok
19:56:32.0003 4260 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:56:32.0014 4260 s3cap - ok
19:56:32.0030 4260 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:56:32.0039 4260 sbp2port - ok
19:56:32.0055 4260 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:56:32.0082 4260 scfilter - ok
19:56:32.0100 4260 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:56:32.0128 4260 secdrv - ok
19:56:32.0146 4260 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:56:32.0157 4260 Serenum - ok
19:56:32.0172 4260 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:56:32.0184 4260 Serial - ok
19:56:32.0199 4260 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:56:32.0211 4260 sermouse - ok
19:56:32.0231 4260 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:56:32.0245 4260 sffdisk - ok
19:56:32.0260 4260 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:56:32.0273 4260 sffp_mmc - ok
19:56:32.0288 4260 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:56:32.0301 4260 sffp_sd - ok
19:56:32.0316 4260 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:56:32.0328 4260 sfloppy - ok
19:56:32.0346 4260 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:56:32.0355 4260 SiSRaid2 - ok
19:56:32.0371 4260 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:56:32.0381 4260 SiSRaid4 - ok
19:56:32.0397 4260 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:56:32.0427 4260 Smb - ok
19:56:32.0443 4260 smbusp (3da591bbab178a3152b8685dc43b20cd) C:\Windows\system32\DRIVERS\intelsmb.sys
19:56:32.0453 4260 smbusp - ok
19:56:32.0458 4260 speedfan - ok
19:56:32.0477 4260 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:56:32.0485 4260 spldr - ok
19:56:32.0510 4260 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:56:32.0525 4260 srv - ok
19:56:32.0545 4260 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:56:32.0559 4260 srv2 - ok
19:56:32.0576 4260 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:56:32.0588 4260 srvnet - ok
19:56:32.0609 4260 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:56:32.0618 4260 stexstor - ok
19:56:32.0635 4260 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:56:32.0644 4260 storflt - ok
19:56:32.0661 4260 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:56:32.0670 4260 storvsc - ok
19:56:32.0684 4260 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:56:32.0693 4260 swenum - ok
19:56:32.0732 4260 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:56:32.0763 4260 Tcpip - ok
19:56:32.0796 4260 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:56:32.0825 4260 TCPIP6 - ok
19:56:32.0841 4260 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:56:32.0869 4260 tcpipreg - ok
19:56:32.0885 4260 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:56:32.0914 4260 TDPIPE - ok
19:56:32.0929 4260 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:56:32.0957 4260 TDTCP - ok
19:56:32.0972 4260 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:56:33.0001 4260 tdx - ok
19:56:33.0018 4260 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:56:33.0027 4260 TermDD - ok
19:56:33.0051 4260 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:33.0079 4260 tssecsrv - ok
19:56:33.0093 4260 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:56:33.0104 4260 TsUsbFlt - ok
19:56:33.0118 4260 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:56:33.0128 4260 TsUsbGD - ok
19:56:33.0144 4260 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:56:33.0172 4260 tunnel - ok
19:56:33.0186 4260 TwBus (7d918d1b87719d4f063dccc2615dce36) C:\Windows\system32\DRIVERS\TwBus.sys
19:56:33.0197 4260 TwBus - ok
19:56:33.0215 4260 TwTouch (f0901a250797760536d55ce46a5f4c37) C:\Windows\system32\DRIVERS\TwTouch.sys
19:56:33.0228 4260 TwTouch - ok
19:56:33.0242 4260 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:56:33.0251 4260 uagp35 - ok
19:56:33.0269 4260 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:56:33.0298 4260 udfs - ok
19:56:33.0317 4260 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:56:33.0325 4260 uliagpkx - ok
19:56:33.0340 4260 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:56:33.0351 4260 umbus - ok
19:56:33.0365 4260 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:56:33.0377 4260 UmPass - ok
19:56:33.0394 4260 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:56:33.0409 4260 usbaudio - ok
19:56:33.0423 4260 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:33.0436 4260 usbccgp - ok
19:56:33.0451 4260 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:56:33.0466 4260 usbcir - ok
19:56:33.0480 4260 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:56:33.0492 4260 usbehci - ok
19:56:33.0509 4260 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:56:33.0524 4260 usbhub - ok
19:56:33.0538 4260 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:56:33.0549 4260 usbohci - ok
19:56:33.0574 4260 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:56:33.0587 4260 usbprint - ok
19:56:33.0601 4260 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:33.0614 4260 USBSTOR - ok
19:56:33.0628 4260 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:33.0639 4260 usbuhci - ok
19:56:33.0656 4260 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:56:33.0671 4260 usbvideo - ok
19:56:33.0689 4260 V0640Vid (34af631f8d8bdbe77e7fbd99ff147d3f) C:\Windows\system32\DRIVERS\V0640Vid.sys
19:56:33.0703 4260 V0640Vid - ok
19:56:33.0719 4260 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:56:33.0728 4260 vdrvroot - ok
19:56:33.0744 4260 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:33.0757 4260 vga - ok
19:56:33.0773 4260 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:56:33.0802 4260 VgaSave - ok
19:56:33.0820 4260 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:56:33.0831 4260 vhdmp - ok
19:56:33.0846 4260 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:56:33.0855 4260 viaide - ok
19:56:33.0871 4260 VirtuWDDM (ae6afc99525d6ad4a450ab3c0ebc9eea) C:\Windows\system32\DRIVERS\VirtuWDDM.sys
19:56:33.0880 4260 VirtuWDDM - ok
19:56:33.0896 4260 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:56:33.0908 4260 vmbus - ok
19:56:33.0924 4260 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:56:33.0936 4260 VMBusHID - ok
19:56:33.0952 4260 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:56:33.0961 4260 volmgr - ok
19:56:33.0980 4260 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:56:33.0994 4260 volmgrx - ok
19:56:34.0013 4260 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:56:34.0026 4260 volsnap - ok
19:56:34.0043 4260 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:56:34.0054 4260 vsmraid - ok
19:56:34.0070 4260 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:56:34.0083 4260 vwifibus - ok
19:56:34.0100 4260 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:56:34.0115 4260 vwififlt - ok
19:56:34.0133 4260 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:56:34.0148 4260 vwifimp - ok
19:56:34.0175 4260 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:56:34.0186 4260 WacomPen - ok
19:56:34.0203 4260 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:56:34.0230 4260 WANARP - ok
19:56:34.0234 4260 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:56:34.0262 4260 Wanarpv6 - ok
19:56:34.0284 4260 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:56:34.0293 4260 Wd - ok
19:56:34.0315 4260 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:56:34.0330 4260 Wdf01000 - ok
19:56:34.0356 4260 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:34.0384 4260 WfpLwf - ok
19:56:34.0400 4260 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:56:34.0408 4260 WIMMount - ok
19:56:34.0436 4260 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:34.0451 4260 WinUsb - ok
19:56:34.0468 4260 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:56:34.0479 4260 WmiAcpi - ok
19:56:34.0503 4260 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:56:34.0532 4260 ws2ifsl - ok
19:56:34.0555 4260 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:56:34.0584 4260 WudfPf - ok
19:56:34.0602 4260 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:34.0632 4260 WUDFRd - ok
19:56:34.0645 4260 __FOX__FOXONE_DRIVER__ - ok
19:56:34.0666 4260 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
19:56:34.0694 4260 \Device\Harddisk2\DR2 - ok
19:56:34.0696 4260 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:56:34.0718 4260 \Device\Harddisk0\DR0 - ok
19:56:34.0720 4260 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk3\DR3
19:56:34.0779 4260 \Device\Harddisk3\DR3 - ok
19:56:34.0805 4260 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:56:34.0870 4260 \Device\Harddisk1\DR1 - ok
19:56:34.0872 4260 Boot (0x1200) (5980f7335d10ef55e93c0694e279194d) \Device\Harddisk2\DR2\Partition0
19:56:34.0873 4260 \Device\Harddisk2\DR2\Partition0 - ok
19:56:34.0874 4260 Boot (0x1200) (7945a0f0f3ff7fadde06c2f495e60c9b) \Device\Harddisk2\DR2\Partition1
19:56:34.0875 4260 \Device\Harddisk2\DR2\Partition1 - ok
19:56:34.0877 4260 Boot (0x1200) (bc2cd11a1b88dd7e6b5f165915d9b23f) \Device\Harddisk0\DR0\Partition0
19:56:34.0878 4260 \Device\Harddisk0\DR0\Partition0 - ok
19:56:34.0880 4260 Boot (0x1200) (f3d6a88930720ea1059f8dbd3d247912) \Device\Harddisk3\DR3\Partition0
19:56:34.0881 4260 \Device\Harddisk3\DR3\Partition0 - ok
19:56:34.0914 4260 Boot (0x1200) (c98561df38e4391e8db588aa3fa3474d) \Device\Harddisk1\DR1\Partition0
19:56:34.0915 4260 \Device\Harddisk1\DR1\Partition0 - ok
19:56:34.0915 4260 ============================================================
19:56:34.0915 4260 Scan finished
19:56:34.0915 4260 ============================================================
19:56:34.0922 5232 Detected object count: 0
19:56:34.0922 5232 Actual detected object count: 0
19:56:38.0093 0756 Deinitialize success

#8 Noviciate

  • Malware Response Team

Posted 12 March 2012 - 03:29 PM

Good evening. :)

Run the PC for a day or two, making sure to reboot at least once, and then work through the following:

Pay a visit to the ESET Online Scanner.

  • Click the ESET Online Scanner button and a new window will open - you may need to maximise it.
  • Click the Run ESET Online Scanner button in the new window.
  • If you are using any other browser than IE, you will be prompted to download and run esetsmartinstaller_enu.exe and the scan will run from within the window that the executable opens.
  • Regardless of which browser you are using, you will be shown some terms and conditions and you will need to accept these to continue.
  • If you are running IE for this scan you will then be prompted to allow an ActiveX component to be downloaded, unless you already have it installed, and the scan will run inside IE.
  • When you see the Computer Scan Settings window, you will need to make the following changes:

    • UNCHECK Remove found threats - this is important.
    • Check Scan archives
    • Click on Advanced settings
    • Check Scan for potentially unsafe applications
  • Once ready, click Start to begin - not a surprise really!
  • The anti-virus definitions will now be downloaded, so don't forget to allow them through your firewall if prompted.
  • The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
  • Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
  • Click List of found threats and then Export to text file... and save the log somewhere convenient.
  • You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
  • Please post the contents of this file in your next reply, or let me know that nothing was identified.

Will you also throw in a fresh DDS log and let me know how the PC is behaving.

A quick tidy-up, if there are any leftovers onboard, and you'll be on your way shortly thereafter.

So long, and thanks for all the fish.

 

 


#9 Noviciate

  • Malware Response Team

Posted 17 March 2012 - 04:13 PM

As there has been no response for five days this thread is now closed.

So long, and thanks for all the fish.

 

 




