McAfee and Windows Firewall keep shutting off!


8 replies to this topic

#1 drweird

  • Members
Posted 25 March 2012 - 09:03 PM

Yesterday, I noticed McAfee firewall kept turning off. I downloaded Malwarebytes and bought the full version, and found something in the local temp files that when removed allowed the firewall to turn back on. Today, however, scans have shown nothing even as the firewall keeps turning off, and no amount of uninstalling and reinstalling fixes it - McAfee shuts off the firewall every time I reinstall it.

http://www.bleepingcomputer.com/forums/topic442175.html/page__p__2593832__hl__firewall+turning+off__fromsearch__1#entry2593832

I referred to this but the FSS won't scan at all, so I'd like some help, please.

Error: 2777 - requested action has failed.

Edited by drweird, 25 March 2012 - 09:12 PM.


#2 narenxp

  • BC Advisor

Posted 25 March 2012 - 09:14 PM

Let's see if the PC is clean

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 drweird

  • Topic Starter
  • Members

Posted 25 March 2012 - 09:41 PM

Here is the log:

19:07:23.0576 3520 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
19:07:25.0588 3520 ============================================================
19:07:25.0588 3520 Current date / time: 2011/11/03 19:07:25.0588
19:07:25.0588 3520 SystemInfo:
19:07:25.0588 3520
19:07:25.0588 3520 OS Version: 6.1.7601 ServicePack: 1.0
19:07:25.0588 3520 Product type: Workstation
19:07:25.0588 3520 ComputerName: ALEX-PC
19:07:25.0588 3520 UserName: Alex
19:07:25.0588 3520 Windows directory: C:\Windows
19:07:25.0588 3520 System windows directory: C:\Windows
19:07:25.0588 3520 Running under WOW64
19:07:25.0588 3520 Processor architecture: Intel x64
19:07:25.0588 3520 Number of processors: 8
19:07:25.0588 3520 Page size: 0x1000
19:07:25.0588 3520 Boot type: Normal boot
19:07:25.0588 3520 ============================================================
19:07:26.0181 3520 Initialize success
19:07:35.0931 5348 ============================================================
19:07:35.0931 5348 Scan started
19:07:35.0931 5348 Mode: Manual;
19:07:35.0931 5348 ============================================================
19:07:50.0439 5348 tdx - ok
19:07:50.0470 5348 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:07:50.0486 5348 TermDD - ok
19:07:50.0517 5348 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:07:50.0564 5348 tssecsrv - ok
19:07:50.0595 5348 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:07:50.0657 5348 TsUsbFlt - ok
19:07:50.0657 5348 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:07:50.0688 5348 TsUsbGD - ok
19:07:50.0735 5348 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:07:50.0735 5348 tunnel - ok
19:07:50.0751 5348 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:07:50.0766 5348 uagp35 - ok
19:07:50.0782 5348 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:07:50.0782 5348 udfs - ok
19:07:50.0813 5348 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:07:50.0813 5348 uliagpkx - ok
19:07:50.0829 5348 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:07:50.0860 5348 umbus - ok
19:07:50.0876 5348 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:07:50.0876 5348 UmPass - ok
19:07:50.0922 5348 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
19:07:50.0985 5348 usbccgp - ok
19:07:51.0016 5348 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:07:51.0016 5348 usbcir - ok
19:07:51.0032 5348 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:07:51.0094 5348 usbehci - ok
19:07:51.0141 5348 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
19:07:51.0219 5348 usbhub - ok
19:07:51.0250 5348 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:07:51.0328 5348 usbohci - ok
19:07:51.0375 5348 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:07:51.0375 5348 usbprint - ok
19:07:51.0422 5348 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:07:51.0468 5348 USBSTOR - ok
19:07:51.0515 5348 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:07:51.0578 5348 usbuhci - ok
19:07:51.0640 5348 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:07:51.0687 5348 usbvideo - ok
19:07:51.0718 5348 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:07:51.0718 5348 vdrvroot - ok
19:07:51.0749 5348 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:07:51.0749 5348 vga - ok
19:07:51.0765 5348 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:07:51.0780 5348 VgaSave - ok
19:07:51.0796 5348 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:07:51.0843 5348 vhdmp - ok
19:07:51.0858 5348 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:07:51.0858 5348 viaide - ok
19:07:51.0905 5348 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:07:51.0952 5348 volmgr - ok
19:07:51.0999 5348 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:07:51.0999 5348 volmgrx - ok
19:07:52.0014 5348 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:07:52.0014 5348 volsnap - ok
19:07:52.0046 5348 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:07:52.0046 5348 vsmraid - ok
19:07:52.0061 5348 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:07:52.0061 5348 vwifibus - ok
19:07:52.0092 5348 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:07:52.0092 5348 vwififlt - ok
19:07:52.0124 5348 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:07:52.0124 5348 WacomPen - ok
19:07:52.0155 5348 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:52.0233 5348 WANARP - ok
19:07:52.0280 5348 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:52.0311 5348 Wanarpv6 - ok
19:07:52.0358 5348 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:07:52.0358 5348 Wd - ok
19:07:52.0389 5348 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:07:52.0420 5348 Wdf01000 - ok
19:07:52.0436 5348 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:07:52.0451 5348 WfpLwf - ok
19:07:52.0482 5348 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:07:52.0514 5348 WimFltr - ok
19:07:52.0545 5348 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:07:52.0545 5348 WIMMount - ok
19:07:52.0592 5348 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:07:52.0607 5348 WmiAcpi - ok
19:07:52.0638 5348 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:07:52.0638 5348 ws2ifsl - ok
19:07:52.0685 5348 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:07:52.0748 5348 WudfPf - ok
19:07:52.0794 5348 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:07:52.0857 5348 WUDFRd - ok
19:07:52.0904 5348 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:07:52.0919 5348 \Device\Harddisk0\DR0 - ok
19:07:52.0919 5348 Boot (0x1200) (457d4ad2c5782ca98a91d5310b3d2c03) \Device\Harddisk0\DR0\Partition0
19:07:52.0919 5348 \Device\Harddisk0\DR0\Partition0 - ok
19:07:52.0935 5348 Boot (0x1200) (980c4201e794471ea93e775baec987fe) \Device\Harddisk0\DR0\Partition1
19:07:52.0935 5348 \Device\Harddisk0\DR0\Partition1 - ok
19:07:52.0935 5348 ============================================================
19:07:52.0935 5348 Scan finished
19:07:52.0935 5348 ============================================================
19:07:52.0950 0924 Detected object count: 0
19:07:52.0950 0924 Actual detected object count: 0
19:07:56.0367 6508 Deinitialize success

----

My system is 64-bit, so it can't run the second file, sorry.

----

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-25 22:24:57
-----------------------------
22:24:57.322 OS Version: Windows x64 6.1.7601 Service Pack 1
22:24:57.322 Number of processors: 8 586 0x2A07
22:24:57.322 ComputerName: ALEX-PC UserName: Alex
22:24:58.695 Initialize success
22:34:38.540 AVAST engine defs: 12032501
22:36:12.905 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:12.905 Disk 0 Vendor: ST320LT0 0001 Size: 305245MB BusType: 8
22:36:12.967 Disk 0 MBR read successfully
22:36:12.983 Disk 0 MBR scan
22:36:12.983 Disk 0 Windows VISTA default MBR code
22:36:12.983 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
22:36:12.983 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10468 MB offset 81920
22:36:12.999 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 294736 MB offset 21520384
22:36:13.030 Disk 0 scanning C:\Windows\system32\drivers
22:36:21.766 Service scanning
22:36:36.430 Modules scanning
22:36:36.430 Disk 0 trace - called modules:
22:36:36.445 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
22:36:36.445 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800690c790]
22:36:36.445 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8006825cb0]
22:36:36.445 5 stdcfltn.sys[fffff88001b32c52] -> nt!IofCallDriver -> [0xfffffa8004b3be40]
22:36:36.445 7 ACPI.sys[fffff88000f6f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b3e050]
22:36:40.704 AVAST engine scan C:\Windows
22:36:42.295 AVAST engine scan C:\Windows\system32
22:39:02.992 AVAST engine scan C:\Windows\system32\drivers
22:39:13.038 AVAST engine scan C:\Users\Alex
22:40:36.311 Disk 0 MBR has been saved successfully to "C:\Users\Alex\Desktop\MBR.dat"
22:40:36.311 The log file has been saved successfully to "C:\Users\Alex\Desktop\aswMBR.txt"

#4 narenxp


Posted 25 March 2012 - 09:44 PM

19:07:23.0576 3520 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49

Please download the latest version and run the scan

good luck

#5 drweird


Posted 25 March 2012 - 10:17 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-25 23:16:30
Windows 6.1.7601 Service Pack 1
Running: csm01mx5.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\d0df9a3cd34f
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\d0df9a3cd34f (not active ControlSet)

---- EOF - GMER 1.0.15 ----






Anybody still online to help? Thanks for getting me started.

Edited by drweird, 25 March 2012 - 10:45 PM.


#6 drweird


Posted 26 March 2012 - 12:14 AM

Sorry to double post, but the third mediafire link on the other page is gone.

C:\Users\Alex\Desktop\mod\gb3-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined

Edited by drweird, 26 March 2012 - 12:15 AM.


#7 drweird


Posted 26 March 2012 - 02:39 AM

There's a problem now - .txt files try to open in regedit, and it grays out the 'always open with' box when I try to select otherwise.

#8 TheForgottenGod


Posted 26 March 2012 - 02:43 AM

When you click on txt files, does it bring up an "open file with" dialog box?

If so, your file extensions could have gotten messed up.

A Default_TXT.reg file would fix that issue, but I can't remember where I found the file online.

Edited by TheForgottenGod, 26 March 2012 - 02:48 AM.


#9 narenxp


Posted 26 March 2012 - 03:50 AM

19:07:23.0576 3520 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49

You're using an old version of TDSSkiller to run a scan. Download the latest from the link given before, run the scan, and post the log.

Regarding the txt issue:

Click on the Start menu and type

default programs
and press ENTER

Click on "Associate a file type with a program"

Select the .txt file type and click on "Change program"

Browse to C:/windows/system32/notepad.exe and select it

good luck
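
The check made above by reading the first line of the TDSSKiller log (tool version and build date) can be scripted together with a pass over the per-object verdicts. This is an added example, not part of the thread and not TDSSKiller's own code; the 90-day staleness threshold, the `exampledrv` entry, its "suspicious" verdict and the placeholder hashes are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the log lines posted in this thread.
# Only the first line is taken from the thread; the rest is made up.
FAKE_MD5 = "0" * 32  # placeholder, not a real file hash
SAMPLE_LOG = rf"""19:07:23.0576 3520 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
19:07:49.0472 5348 Smb ({FAKE_MD5}) C:\Windows\system32\DRIVERS\smb.sys
19:07:49.0472 5348 Smb - ok
19:07:49.0503 5348 exampledrv ({FAKE_MD5}) C:\Windows\system32\drivers\exampledrv.sys
19:07:49.0503 5348 exampledrv - suspicious
19:07:52.0904 5348 MBR (0x1B8) ({FAKE_MD5}) \Device\Harddisk0\DR0
19:07:52.0919 5348 \Device\Harddisk0\DR0 - ok
19:07:52.0950 0924 Detected object count: 1
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"  # timestamp and thread id
HEADER = re.compile(PREFIX + r"TDSS rootkit removing tool (\S+) (\w{3} +\d+ \d{4})")
OBJECT = re.compile(PREFIX + r"(.+?) \(([0-9a-f]{32})\) (.+)$")
VERDICT = re.compile(PREFIX + r"(.+) - (\S.*)$")
COUNT = re.compile(PREFIX + r"Detected object count: (\d+)")

def triage(log_text, today, max_age_days=90):
    """Return tool version, whether the build is stale, and every non-ok object."""
    report = {"version": None, "stale": None, "flagged": [], "detected": None}
    pending = None  # most recent object line still waiting for its verdict
    for line in log_text.splitlines():
        if m := HEADER.match(line):
            built = datetime.strptime(" ".join(m.group(2).split()), "%b %d %Y")
            report["version"] = m.group(1)
            report["stale"] = (today - built).days > max_age_days
        elif m := OBJECT.match(line):
            pending = {"name": m.group(1), "md5": m.group(2), "path": m.group(3)}
        elif m := COUNT.match(line):
            report["detected"] = int(m.group(1))
        elif (m := VERDICT.match(line)) and pending:
            # Verdict lines for MBR/boot entries name the device path, not the
            # object, so verdicts are paired by order rather than by name.
            verdict = m.group(2).strip()
            if verdict.lower() != "ok":
                report["flagged"].append({**pending, "verdict": verdict})
            pending = None
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, datetime(2012, 3, 25)))
```

Build-date age is used as the staleness signal because the log does not say what the current release is; compare against the vendor's download page for a definitive answer.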



