Jump to content
professorcrettol

Please Help, My Computer is Sick!

Recommended Posts

Hi!,

I have a fairly serious computer virus. I have run Malwarebytes countless times, and it continuously tells me there is an SVCHOST virus. Malwarebytes tells me that it quarantines and removes the virus each time, but it continues to find it each time it is run. My computer is suffering from slowness, unexpected freezing, when it runs out of battery and reboots I always get a blue screen that says attempting to fix windows and repair computer. I was getting redirected to random sites when searching the internet, but this seemed to be rectified when I switched to google chrome. I also have SuperAnti-Spyware on my computer in addition to Malwarebytes. Thanks so much for helping me with this issue. Here is my DDS Log:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29

Run by Dylan at 17:20:56 on 2011-11-21

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4031.1624 [GMT -6:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

-netsvcs

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=273609109406l0483z166t56j5l492

mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=273609109406l0483z166t56j5l492

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=273609109406l0483z166t56j5l492

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [Google Update] "C:\Users\Dylan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

dRun: [Adobe Update] C:\Users\Dylan\AppData\Local\Adobe\AdobeUpdate\Adobeupdt32.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: C:\ProgramData\Megamedia\Megakey\msadm.dll

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\242756772616B6562737F5745756374713 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\3427564747F6C6 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\6416E6369744F6C6078696E6D27657563747 : DhcpNameServer = 68.87.71.230 68.87.73.246

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\7516C6B65627 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\8445340205F627471626C6560284F6473707F647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{CA076C85-445B-4A2E-B6EE-4118B4164383} : DhcpNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-1-18 23592]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-20 325200]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-7-14 867360]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-20 13336]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-5 144640]

R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-5-20 171040]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-14 2314240]

R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-20 243232]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-5 50432]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-20 366152]

S4 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-16 305520]

.

=============== Created Last 30 ================

.

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2011-11-19 18:58:39 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3F4080E-A67D-4114-9290-5C5B639F664C}\offreg.dll

2011-11-19 18:58:38 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3F4080E-A67D-4114-9290-5C5B639F664C}\mpengine.dll

2011-11-17 18:57:50 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-17 18:57:50 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-17 18:57:47 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-17 18:57:40 3141120 ----a-w- C:\Windows\System32\win32k.sys

2011-11-07 17:45:25 257024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw72.dll

2011-10-28 02:11:38 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-10-27 03:18:01 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2011-10-27 03:18:00 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

.

==================== Find3M ====================

.

2011-10-11 15:24:44 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

.

============= FINISH: 17:22:32.79 ===============

Share this post


Link to post
Share on other sites

Please reset your internet configuration to remove any proxy server that you did not intentionally set:

http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=166875

Some background information on what we're planning to do can be found HERE

Please read carefully and follow these steps.


  • This is the executable version:
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Share this post


Link to post
Share on other sites

Ok so I did what you asked, and here is the TDSSKiller log:

07:24:06.0302 2428 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55

07:24:06.0573 2428 ============================================================

07:24:06.0573 2428 Current date / time: 2011/11/22 07:24:06.0573

07:24:06.0573 2428 SystemInfo:

07:24:06.0573 2428

07:24:06.0573 2428 OS Version: 6.1.7600 ServicePack: 0.0

07:24:06.0573 2428 Product type: Workstation

07:24:06.0573 2428 ComputerName: COOKAAYMONSTER

07:24:06.0573 2428 UserName: Dylan

07:24:06.0573 2428 Windows directory: C:\Windows

07:24:06.0573 2428 System windows directory: C:\Windows

07:24:06.0573 2428 Running under WOW64

07:24:06.0573 2428 Processor architecture: Intel x64

07:24:06.0573 2428 Number of processors: 8

07:24:06.0573 2428 Page size: 0x1000

07:24:06.0573 2428 Boot type: Normal boot

07:24:06.0573 2428 ============================================================

07:24:07.0187 2428 Initialize success

07:24:28.0952 4028 ============================================================

07:24:28.0952 4028 Scan started

07:24:28.0952 4028 Mode: Manual;

07:24:28.0952 4028 ============================================================

07:24:29.0683 4028 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

07:24:29.0687 4028 1394ohci - ok

07:24:29.0721 4028 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

07:24:29.0727 4028 ACPI - ok

07:24:29.0822 4028 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

07:24:29.0823 4028 AcpiPmi - ok

07:24:29.0872 4028 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

07:24:29.0880 4028 adp94xx - ok

07:24:29.0971 4028 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

07:24:29.0981 4028 adpahci - ok

07:24:30.0013 4028 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

07:24:30.0016 4028 adpu320 - ok

07:24:30.0143 4028 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

07:24:30.0151 4028 AFD - ok

07:24:30.0246 4028 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

07:24:30.0248 4028 agp440 - ok

07:24:30.0389 4028 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

07:24:30.0391 4028 aliide - ok

07:24:30.0415 4028 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

07:24:30.0416 4028 amdide - ok

07:24:30.0517 4028 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

07:24:30.0519 4028 AmdK8 - ok

07:24:30.0541 4028 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

07:24:30.0543 4028 AmdPPM - ok

07:24:30.0651 4028 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

07:24:30.0653 4028 amdsata - ok

07:24:30.0695 4028 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

07:24:30.0699 4028 amdsbs - ok

07:24:30.0787 4028 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

07:24:30.0789 4028 amdxata - ok

07:24:30.0825 4028 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS

07:24:30.0827 4028 AmUStor - ok

07:24:30.0923 4028 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

07:24:30.0925 4028 AppID - ok

07:24:30.0972 4028 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

07:24:30.0975 4028 arc - ok

07:24:31.0069 4028 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

07:24:31.0072 4028 arcsas - ok

07:24:31.0184 4028 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

07:24:31.0186 4028 AsyncMac - ok

07:24:31.0221 4028 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

07:24:31.0222 4028 atapi - ok

07:24:31.0326 4028 AthBTPort (0fa482a2a53312c3f922874de33b48e2) C:\Windows\system32\DRIVERS\btath_flt.sys

07:24:31.0328 4028 AthBTPort - ok

07:24:31.0502 4028 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys

07:24:31.0537 4028 athr - ok

07:24:31.0685 4028 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

07:24:31.0693 4028 b06bdrv - ok

07:24:31.0798 4028 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

07:24:31.0804 4028 b57nd60a - ok

07:24:32.0021 4028 BCM43XX (47b210f18d8a7762c508960c4e475fb0) C:\Windows\system32\DRIVERS\bcmwl664.sys

07:24:32.0140 4028 BCM43XX - ok

07:24:32.0247 4028 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

07:24:32.0248 4028 Beep - ok

07:24:32.0374 4028 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

07:24:32.0376 4028 blbdrive - ok

07:24:32.0533 4028 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

07:24:32.0535 4028 bowser - ok

07:24:32.0576 4028 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

07:24:32.0577 4028 BrFiltLo - ok

07:24:32.0652 4028 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

07:24:32.0653 4028 BrFiltUp - ok

07:24:32.0701 4028 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

07:24:32.0707 4028 Brserid - ok

07:24:32.0741 4028 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

07:24:32.0743 4028 BrSerWdm - ok

07:24:32.0840 4028 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

07:24:32.0842 4028 BrUsbMdm - ok

07:24:32.0869 4028 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

07:24:32.0870 4028 BrUsbSer - ok

07:24:32.0976 4028 BTATH_A2DP (8144421cc16c9f5c2edb94c1897a4ddf) C:\Windows\system32\drivers\btath_a2dp.sys

07:24:32.0982 4028 BTATH_A2DP - ok

07:24:33.0023 4028 BTATH_BUS (67d81e7fa34b4197a2c309978889d25c) C:\Windows\system32\DRIVERS\btath_bus.sys

07:24:33.0024 4028 BTATH_BUS - ok

07:24:33.0136 4028 BTATH_HCRP (80211a925583ed7d06c2f219d5af41cc) C:\Windows\system32\DRIVERS\btath_hcrp.sys

07:24:33.0141 4028 BTATH_HCRP - ok

07:24:33.0173 4028 BTATH_RCP (003d3445be8a5b5c39069e4149252812) C:\Windows\system32\DRIVERS\btath_rcp.sys

07:24:33.0183 4028 BTATH_RCP - ok

07:24:33.0319 4028 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

07:24:33.0321 4028 BthEnum - ok

07:24:33.0370 4028 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

07:24:33.0372 4028 BTHMODEM - ok

07:24:33.0491 4028 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

07:24:33.0494 4028 BthPan - ok

07:24:33.0551 4028 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

07:24:33.0560 4028 BTHPORT - ok

07:24:33.0681 4028 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

07:24:33.0683 4028 BTHUSB - ok

07:24:33.0728 4028 btwampfl (29bf0434e3a6571d78710b6eaf232621) C:\Windows\system32\drivers\btwampfl.sys

07:24:33.0734 4028 btwampfl - ok

07:24:33.0821 4028 btwaudio (b4c31da2f0c2acac07a1d344c1bd2e38) C:\Windows\system32\drivers\btwaudio.sys

07:24:33.0824 4028 btwaudio - ok

07:24:33.0872 4028 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys

07:24:33.0875 4028 btwavdt - ok

07:24:33.0989 4028 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

07:24:33.0990 4028 btwl2cap - ok

07:24:34.0032 4028 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys

07:24:34.0034 4028 btwrchid - ok

07:24:34.0143 4028 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

07:24:34.0146 4028 cdfs - ok

07:24:34.0185 4028 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

07:24:34.0188 4028 cdrom - ok

07:24:34.0308 4028 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

07:24:34.0310 4028 circlass - ok

07:24:34.0354 4028 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

07:24:34.0360 4028 CLFS - ok

07:24:34.0521 4028 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

07:24:34.0522 4028 CmBatt - ok

07:24:34.0544 4028 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

07:24:34.0545 4028 cmdide - ok

07:24:34.0661 4028 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

07:24:34.0669 4028 CNG - ok

07:24:34.0787 4028 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

07:24:34.0788 4028 Compbatt - ok

07:24:34.0901 4028 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

07:24:34.0902 4028 CompositeBus - ok

07:24:34.0947 4028 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

07:24:34.0949 4028 crcdisk - ok

07:24:35.0087 4028 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

07:24:35.0090 4028 DfsC - ok

07:24:35.0144 4028 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

07:24:35.0145 4028 discache - ok

07:24:35.0258 4028 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

07:24:35.0261 4028 Disk - ok

07:24:35.0404 4028 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

07:24:35.0406 4028 drmkaud - ok

07:24:35.0552 4028 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

07:24:35.0568 4028 DXGKrnl - ok

07:24:35.0735 4028 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

07:24:35.0817 4028 ebdrv - ok

07:24:35.0963 4028 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

07:24:35.0972 4028 elxstor - ok

07:24:36.0069 4028 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

07:24:36.0070 4028 ErrDev - ok

07:24:36.0200 4028 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

07:24:36.0204 4028 exfat - ok

07:24:36.0228 4028 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

07:24:36.0233 4028 fastfat - ok

07:24:36.0341 4028 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

07:24:36.0341 4028 fdc - ok

07:24:36.0381 4028 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

07:24:36.0381 4028 FileInfo - ok

07:24:36.0472 4028 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

07:24:36.0480 4028 Filetrace - ok

07:24:36.0508 4028 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

07:24:36.0510 4028 flpydisk - ok

07:24:36.0604 4028 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

07:24:36.0609 4028 FltMgr - ok

07:24:36.0649 4028 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

07:24:36.0651 4028 FsDepends - ok

07:24:36.0724 4028 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

07:24:36.0726 4028 Fs_Rec - ok

07:24:36.0764 4028 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

07:24:36.0767 4028 fvevol - ok

07:24:36.0856 4028 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

07:24:36.0858 4028 gagp30kx - ok

07:24:36.0985 4028 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

07:24:36.0987 4028 hcw85cir - ok

07:24:37.0025 4028 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

07:24:37.0031 4028 HdAudAddService - ok

07:24:37.0055 4028 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

07:24:37.0057 4028 HDAudBus - ok

07:24:37.0151 4028 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

07:24:37.0153 4028 HECIx64 - ok

07:24:37.0188 4028 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

07:24:37.0189 4028 HidBatt - ok

07:24:37.0212 4028 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

07:24:37.0215 4028 HidBth - ok

07:24:37.0314 4028 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

07:24:37.0315 4028 HidIr - ok

07:24:37.0350 4028 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

07:24:37.0352 4028 HidUsb - ok

07:24:37.0388 4028 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

07:24:37.0391 4028 HpSAMD - ok

07:24:37.0525 4028 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

07:24:37.0537 4028 HTTP - ok

07:24:37.0633 4028 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

07:24:37.0633 4028 hwpolicy - ok

07:24:37.0661 4028 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

07:24:37.0664 4028 i8042prt - ok

07:24:37.0689 4028 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

07:24:37.0695 4028 iaStor - ok

07:24:37.0823 4028 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

07:24:37.0830 4028 iaStorV - ok

07:24:37.0860 4028 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

07:24:37.0862 4028 iirsp - ok

07:24:38.0008 4028 IntcAzAudAddService (494e7913a4a533606ee4a8a219e83a16) C:\Windows\system32\drivers\RTKVHD64.sys

07:24:38.0029 4028 IntcAzAudAddService - ok

07:24:38.0117 4028 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

07:24:38.0119 4028 intelide - ok

07:24:38.0149 4028 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

07:24:38.0150 4028 intelppm - ok

07:24:38.0184 4028 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

07:24:38.0186 4028 IpFilterDriver - ok

07:24:38.0279 4028 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

07:24:38.0281 4028 IPMIDRV - ok

07:24:38.0320 4028 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

07:24:38.0323 4028 IPNAT - ok

07:24:38.0404 4028 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

07:24:38.0406 4028 IRENUM - ok

07:24:38.0424 4028 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

07:24:38.0425 4028 isapnp - ok

07:24:38.0446 4028 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

07:24:38.0450 4028 iScsiPrt - ok

07:24:38.0485 4028 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

07:24:38.0485 4028 kbdclass - ok

07:24:38.0564 4028 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

07:24:38.0566 4028 kbdhid - ok

07:24:38.0591 4028 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

07:24:38.0593 4028 KSecDD - ok

07:24:38.0651 4028 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

07:24:38.0654 4028 KSecPkg - ok

07:24:38.0714 4028 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

07:24:38.0716 4028 ksthunk - ok

07:24:38.0797 4028 L1C (6e0698cea0901fd1a2b9ce0859e2d8fe) C:\Windows\system32\DRIVERS\L1C62x64.sys

07:24:38.0799 4028 L1C - ok

07:24:38.0884 4028 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

07:24:38.0886 4028 lltdio - ok

07:24:38.0952 4028 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

07:24:38.0955 4028 LSI_FC - ok

07:24:39.0023 4028 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

07:24:39.0025 4028 LSI_SAS - ok

07:24:39.0045 4028 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

07:24:39.0048 4028 LSI_SAS2 - ok

07:24:39.0091 4028 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

07:24:39.0094 4028 LSI_SCSI - ok

07:24:39.0155 4028 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

07:24:39.0158 4028 luafv - ok

07:24:39.0256 4028 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

07:24:39.0257 4028 MBAMProtector - ok

07:24:39.0388 4028 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

07:24:39.0393 4028 mcdbus - ok

07:24:39.0434 4028 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

07:24:39.0435 4028 megasas - ok

07:24:39.0465 4028 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

07:24:39.0470 4028 MegaSR - ok

07:24:39.0581 4028 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

07:24:39.0581 4028 Modem - ok

07:24:39.0591 4028 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

07:24:39.0601 4028 monitor - ok

07:24:39.0680 4028 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

07:24:39.0683 4028 MotioninJoyXFilter - ok

07:24:39.0738 4028 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

07:24:39.0740 4028 mouclass - ok

07:24:39.0803 4028 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

07:24:39.0804 4028 mouhid - ok

07:24:39.0863 4028 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

07:24:39.0865 4028 mountmgr - ok

07:24:39.0941 4028 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

07:24:39.0945 4028 mpio - ok

07:24:39.0975 4028 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

07:24:39.0978 4028 mpsdrv - ok

07:24:40.0035 4028 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

07:24:40.0038 4028 MRxDAV - ok

07:24:40.0116 4028 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

07:24:40.0120 4028 mrxsmb - ok

07:24:40.0186 4028 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

07:24:40.0191 4028 mrxsmb10 - ok

07:24:40.0267 4028 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

07:24:40.0270 4028 mrxsmb20 - ok

07:24:40.0316 4028 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

07:24:40.0318 4028 msahci - ok

07:24:40.0388 4028 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

07:24:40.0391 4028 msdsm - ok

07:24:40.0462 4028 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

07:24:40.0463 4028 Msfs - ok

07:24:40.0528 4028 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

07:24:40.0529 4028 mshidkmdf - ok

07:24:40.0565 4028 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

07:24:40.0566 4028 msisadrv - ok

07:24:40.0638 4028 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

07:24:40.0638 4028 MSKSSRV - ok

07:24:40.0680 4028 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

07:24:40.0682 4028 MSPCLOCK - ok

07:24:40.0701 4028 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

07:24:40.0702 4028 MSPQM - ok

07:24:40.0767 4028 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

07:24:40.0774 4028 MsRPC - ok

07:24:40.0812 4028 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

07:24:40.0813 4028 mssmbios - ok

07:24:40.0887 4028 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

07:24:40.0888 4028 MSTEE - ok

07:24:40.0925 4028 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

07:24:40.0926 4028 MTConfig - ok

07:24:40.0995 4028 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

07:24:40.0997 4028 Mup - ok

07:24:41.0049 4028 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

07:24:41.0050 4028 mwlPSDFilter - ok

07:24:41.0111 4028 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

07:24:41.0113 4028 mwlPSDNServ - ok

07:24:41.0150 4028 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

07:24:41.0153 4028 mwlPSDVDisk - ok

07:24:41.0246 4028 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

07:24:41.0252 4028 NativeWifiP - ok

07:24:41.0317 4028 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

07:24:41.0333 4028 NDIS - ok

07:24:41.0418 4028 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

07:24:41.0420 4028 NdisCap - ok

07:24:41.0460 4028 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

07:24:41.0461 4028 NdisTapi - ok

07:24:41.0553 4028 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

07:24:41.0570 4028 Ndisuio - ok

07:24:41.0597 4028 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

07:24:41.0601 4028 NdisWan - ok

07:24:41.0696 4028 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

07:24:41.0696 4028 NDProxy - ok

07:24:41.0727 4028 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

07:24:41.0729 4028 NetBIOS - ok

07:24:41.0757 4028 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

07:24:41.0762 4028 NetBT - ok

07:24:41.0875 4028 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

07:24:41.0877 4028 nfrd960 - ok

07:24:41.0926 4028 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

07:24:41.0928 4028 Npfs - ok

07:24:41.0972 4028 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

07:24:41.0973 4028 nsiproxy - ok

07:24:42.0090 4028 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

07:24:42.0105 4028 Ntfs - ok

07:24:42.0232 4028 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

07:24:42.0234 4028 NTIDrvr - ok

07:24:42.0261 4028 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

07:24:42.0262 4028 Null - ok

07:24:42.0359 4028 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

07:24:42.0361 4028 NVHDA - ok

07:24:42.0623 4028 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

07:24:42.0850 4028 nvlddmkm - ok

07:24:42.0941 4028 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

07:24:42.0944 4028 nvraid - ok

07:24:42.0967 4028 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

07:24:42.0970 4028 nvstor - ok

07:24:43.0077 4028 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

07:24:43.0080 4028 nv_agp - ok

07:24:43.0122 4028 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

07:24:43.0125 4028 ohci1394 - ok

07:24:43.0227 4028 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

07:24:43.0230 4028 Parport - ok

07:24:43.0252 4028 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

07:24:43.0254 4028 partmgr - ok

07:24:43.0283 4028 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

07:24:43.0287 4028 pci - ok

07:24:43.0304 4028 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

07:24:43.0305 4028 pciide - ok

07:24:43.0390 4028 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

07:24:43.0394 4028 pcmcia - ok

07:24:43.0411 4028 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

07:24:43.0413 4028 pcw - ok

07:24:43.0443 4028 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

07:24:43.0454 4028 PEAUTH - ok

07:24:43.0641 4028 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

07:24:43.0643 4028 PptpMiniport - ok

07:24:43.0663 4028 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

07:24:43.0665 4028 Processor - ok

07:24:43.0779 4028 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

07:24:43.0781 4028 Psched - ok

07:24:43.0827 4028 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

07:24:43.0857 4028 ql2300 - ok

07:24:43.0955 4028 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

07:24:43.0958 4028 ql40xx - ok

07:24:43.0982 4028 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

07:24:43.0983 4028 QWAVEdrv - ok

07:24:44.0089 4028 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

07:24:44.0090 4028 RasAcd - ok

07:24:44.0132 4028 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

07:24:44.0134 4028 RasAgileVpn - ok

07:24:44.0215 4028 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

07:24:44.0218 4028 Rasl2tp - ok

07:24:44.0253 4028 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

07:24:44.0255 4028 RasPppoe - ok

07:24:44.0269 4028 Scan interrupted by user!

07:24:44.0269 4028 Scan interrupted by user!

07:24:44.0270 4028 Scan interrupted by user!

07:24:44.0270 4028 ============================================================

07:24:44.0270 4028 Scan finished

07:24:44.0270 4028 ============================================================

07:24:44.0281 6860 Detected object count: 0

07:24:44.0281 6860 Actual detected object count: 0

07:25:13.0253 6852 ============================================================

07:25:13.0253 6852 Scan started

07:25:13.0253 6852 Mode: Manual; SigCheck;

07:25:13.0253 6852 ============================================================

07:25:13.0475 6852 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

07:25:13.0585 6852 1394ohci - ok

07:25:13.0695 6852 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

07:25:13.0715 6852 ACPI - ok

07:25:13.0736 6852 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

07:25:13.0829 6852 AcpiPmi - ok

07:25:13.0942 6852 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

07:25:13.0975 6852 adp94xx - ok

07:25:14.0059 6852 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

07:25:14.0083 6852 adpahci - ok

07:25:14.0104 6852 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

07:25:14.0124 6852 adpu320 - ok

07:25:14.0176 6852 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

07:25:14.0240 6852 AFD - ok

07:25:14.0327 6852 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

07:25:14.0347 6852 agp440 - ok

07:25:14.0370 6852 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

07:25:14.0379 6852 aliide - ok

07:25:14.0396 6852 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

07:25:14.0404 6852 amdide - ok

07:25:14.0487 6852 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

07:25:14.0522 6852 AmdK8 - ok

07:25:14.0544 6852 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

07:25:14.0597 6852 AmdPPM - ok

07:25:14.0698 6852 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

07:25:14.0715 6852 amdsata - ok

07:25:14.0741 6852 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

07:25:14.0741 6852 amdsbs - ok

07:25:14.0834 6852 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

07:25:14.0851 6852 amdxata - ok

07:25:14.0852 6852 Scan interrupted by user!

07:25:14.0852 6852 Scan interrupted by user!

07:25:14.0852 6852 Scan interrupted by user!

07:25:14.0852 6852 ============================================================

07:25:14.0852 6852 Scan finished

07:25:14.0853 6852 ============================================================

07:25:14.0864 8052 Detected object count: 0

07:25:14.0864 8052 Actual detected object count: 0

07:25:20.0901 3676 ============================================================

07:25:20.0901 3676 Scan started

07:25:20.0901 3676 Mode: Manual; SigCheck; TDLFS;

07:25:20.0901 3676 ============================================================

07:25:21.0051 3676 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

07:25:21.0070 3676 1394ohci - ok

07:25:21.0180 3676 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

07:25:21.0209 3676 ACPI - ok

07:25:21.0236 3676 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

07:25:21.0247 3676 AcpiPmi - ok

07:25:21.0295 3676 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

07:25:21.0307 3676 adp94xx - ok

07:25:21.0425 3676 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

07:25:21.0451 3676 adpahci - ok

07:25:21.0493 3676 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

07:25:21.0503 3676 adpu320 - ok

07:25:21.0557 3676 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

07:25:21.0586 3676 AFD - ok

07:25:21.0671 3676 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

07:25:21.0687 3676 agp440 - ok

07:25:21.0715 3676 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

07:25:21.0730 3676 aliide - ok

07:25:21.0751 3676 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

07:25:21.0766 3676 amdide - ok

07:25:21.0853 3676 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

07:25:21.0876 3676 AmdK8 - ok

07:25:21.0888 3676 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

07:25:21.0908 3676 AmdPPM - ok

07:25:21.0942 3676 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

07:25:21.0960 3676 amdsata - ok

07:25:22.0053 3676 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

07:25:22.0077 3676 amdsbs - ok

07:25:22.0101 3676 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

07:25:22.0109 3676 amdxata - ok

07:25:22.0140 3676 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS

07:25:22.0193 3676 AmUStor - ok

07:25:22.0281 3676 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

07:25:22.0407 3676 AppID - ok

07:25:22.0498 3676 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

07:25:22.0519 3676 arc - ok

07:25:22.0539 3676 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

07:25:22.0548 3676 arcsas - ok

07:25:22.0565 3676 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

07:25:22.0716 3676 AsyncMac - ok

07:25:22.0814 3676 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

07:25:22.0833 3676 atapi - ok

07:25:22.0864 3676 AthBTPort (0fa482a2a53312c3f922874de33b48e2) C:\Windows\system32\DRIVERS\btath_flt.sys

07:25:22.0901 3676 AthBTPort - ok

07:25:22.0985 3676 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys

07:25:23.0056 3676 athr - ok

07:25:23.0156 3676 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

07:25:23.0226 3676 b06bdrv - ok

07:25:23.0315 3676 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

07:25:23.0387 3676 b57nd60a - ok

07:25:23.0575 3676 BCM43XX (47b210f18d8a7762c508960c4e475fb0) C:\Windows\system32\DRIVERS\bcmwl664.sys

07:25:23.0636 3676 BCM43XX - ok

07:25:23.0729 3676 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

07:25:23.0804 3676 Beep - ok

07:25:23.0845 3676 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

07:25:23.0880 3676 blbdrive - ok

07:25:23.0993 3676 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

07:25:24.0064 3676 bowser - ok

07:25:24.0102 3676 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

07:25:24.0143 3676 BrFiltLo - ok

07:25:24.0245 3676 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

07:25:24.0271 3676 BrFiltUp - ok

07:25:24.0293 3676 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

07:25:24.0351 3676 Brserid - ok

07:25:24.0434 3676 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

07:25:24.0487 3676 BrSerWdm - ok

07:25:24.0511 3676 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

07:25:24.0575 3676 BrUsbMdm - ok

07:25:24.0678 3676 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

07:25:24.0725 3676 BrUsbSer - ok

07:25:24.0769 3676 BTATH_A2DP (8144421cc16c9f5c2edb94c1897a4ddf) C:\Windows\system32\drivers\btath_a2dp.sys

07:25:24.0790 3676 BTATH_A2DP - ok

07:25:24.0896 3676 BTATH_BUS (67d81e7fa34b4197a2c309978889d25c) C:\Windows\system32\DRIVERS\btath_bus.sys

07:25:24.0907 3676 BTATH_BUS - ok

07:25:24.0952 3676 BTATH_HCRP (80211a925583ed7d06c2f219d5af41cc) C:\Windows\system32\DRIVERS\btath_hcrp.sys

07:25:24.0970 3676 BTATH_HCRP - ok

07:25:24.0997 3676 BTATH_RCP (003d3445be8a5b5c39069e4149252812) C:\Windows\system32\DRIVERS\btath_rcp.sys

07:25:25.0007 3676 BTATH_RCP - ok

07:25:25.0090 3676 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

07:25:25.0154 3676 BthEnum - ok

07:25:25.0185 3676 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

07:25:25.0231 3676 BTHMODEM - ok

07:25:25.0329 3676 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

07:25:25.0379 3676 BthPan - ok

07:25:25.0418 3676 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

07:25:25.0448 3676 BTHPORT - ok

07:25:25.0551 3676 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

07:25:25.0586 3676 BTHUSB - ok

07:25:25.0630 3676 btwampfl (29bf0434e3a6571d78710b6eaf232621) C:\Windows\system32\drivers\btwampfl.sys

07:25:25.0643 3676 btwampfl - ok

07:25:25.0703 3676 btwaudio (b4c31da2f0c2acac07a1d344c1bd2e38) C:\Windows\system32\drivers\btwaudio.sys

07:25:25.0709 3676 btwaudio - ok

07:25:25.0731 3676 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys

07:25:25.0738 3676 btwavdt - ok

07:25:25.0770 3676 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

07:25:25.0777 3676 btwl2cap - ok

07:25:25.0803 3676 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys

07:25:25.0809 3676 btwrchid - ok

07:25:25.0892 3676 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

07:25:25.0961 3676 cdfs - ok

07:25:25.0988 3676 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

07:25:26.0025 3676 cdrom - ok

07:25:26.0134 3676 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

07:25:26.0174 3676 circlass - ok

07:25:26.0225 3676 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

07:25:26.0251 3676 CLFS - ok

07:25:26.0347 3676 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

07:25:26.0387 3676 CmBatt - ok

07:25:26.0415 3676 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

07:25:26.0431 3676 cmdide - ok

07:25:26.0525 3676 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

07:25:26.0559 3676 CNG - ok

07:25:26.0647 3676 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

07:25:26.0666 3676 Compbatt - ok

07:25:26.0683 3676 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

07:25:26.0730 3676 CompositeBus - ok

07:25:26.0829 3676 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

07:25:26.0848 3676 crcdisk - ok

07:25:26.0913 3676 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

07:25:26.0970 3676 DfsC - ok

07:25:27.0043 3676 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

07:25:27.0124 3676 discache - ok

07:25:27.0151 3676 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

07:25:27.0159 3676 Disk - ok

07:25:27.0175 3676 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

07:25:27.0210 3676 drmkaud - ok

07:25:27.0340 3676 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

07:25:27.0359 3676 DXGKrnl - ok

07:25:27.0534 3676 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

07:25:27.0581 3676 ebdrv - ok

07:25:27.0712 3676 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

07:25:27.0746 3676 elxstor - ok

07:25:27.0851 3676 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

07:25:27.0903 3676 ErrDev - ok

07:25:28.0026 3676 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

07:25:28.0091 3676 exfat - ok

07:25:28.0120 3676 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

07:25:28.0149 3676 fastfat - ok

07:25:28.0234 3676 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

07:25:28.0332 3676 fdc - ok

07:25:28.0358 3676 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

07:25:28.0367 3676 FileInfo - ok

07:25:28.0443 3676 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

07:25:28.0574 3676 Filetrace - ok

07:25:28.0608 3676 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

07:25:28.0648 3676 flpydisk - ok

07:25:28.0764 3676 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

07:25:28.0788 3676 FltMgr - ok

07:25:28.0808 3676 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

07:25:28.0817 3676 FsDepends - ok

07:25:28.0829 3676 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

07:25:28.0837 3676 Fs_Rec - ok

07:25:28.0924 3676 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

07:25:28.0951 3676 fvevol - ok

07:25:28.0971 3676 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

07:25:28.0980 3676 gagp30kx - ok

07:25:29.0000 3676 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

07:25:29.0054 3676 hcw85cir - ok

07:25:29.0128 3676 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

07:25:29.0170 3676 HdAudAddService - ok

07:25:29.0203 3676 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

07:25:29.0248 3676 HDAudBus - ok

07:25:29.0289 3676 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

07:25:29.0304 3676 HECIx64 - ok

07:25:29.0392 3676 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

07:25:29.0416 3676 HidBatt - ok

07:25:29.0438 3676 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

07:25:29.0475 3676 HidBth - ok

07:25:29.0507 3676 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

07:25:29.0549 3676 HidIr - ok

07:25:29.0655 3676 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

07:25:29.0685 3676 HidUsb - ok

07:25:29.0725 3676 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

07:25:29.0742 3676 HpSAMD - ok

07:25:29.0772 3676 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

07:25:29.0831 3676 HTTP - ok

07:25:29.0937 3676 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

07:25:29.0955 3676 hwpolicy - ok

07:25:29.0976 3676 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

07:25:29.0993 3676 i8042prt - ok

07:25:30.0061 3676 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

07:25:30.0089 3676 iaStor - ok

07:25:30.0160 3676 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

07:25:30.0181 3676 iaStorV - ok

07:25:30.0231 3676 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

07:25:30.0244 3676 iirsp - ok

07:25:30.0359 3676 IntcAzAudAddService (494e7913a4a533606ee4a8a219e83a16) C:\Windows\system32\drivers\RTKVHD64.sys

07:25:30.0400 3676 IntcAzAudAddService - ok

07:25:30.0466 3676 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

07:25:30.0483 3676 intelide - ok

07:25:30.0497 3676 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

07:25:30.0540 3676 intelppm - ok

07:25:30.0577 3676 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

07:25:30.0630 3676 IpFilterDriver - ok

07:25:30.0705 3676 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

07:25:30.0751 3676 IPMIDRV - ok

07:25:30.0802 3676 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

07:25:30.0876 3676 IPNAT - ok

07:25:30.0975 3676 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

07:25:31.0048 3676 IRENUM - ok

07:25:31.0128 3676 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

07:25:31.0147 3676 isapnp - ok

07:25:31.0173 3676 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

07:25:31.0198 3676 iScsiPrt - ok

07:25:31.0214 3676 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

07:25:31.0223 3676 kbdclass - ok

07:25:31.0235 3676 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

07:25:31.0260 3676 kbdhid - ok

07:25:31.0351 3676 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

07:25:31.0372 3676 KSecDD - ok

07:25:31.0411 3676 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

07:25:31.0434 3676 KSecPkg - ok

07:25:31.0463 3676 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

07:25:31.0516 3676 ksthunk - ok

07:25:31.0668 3676 L1C (6e0698cea0901fd1a2b9ce0859e2d8fe) C:\Windows\system32\DRIVERS\L1C62x64.sys

07:25:31.0681 3676 L1C - ok

07:25:31.0733 3676 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

07:25:31.0785 3676 lltdio - ok

07:25:31.0858 3676 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

07:25:31.0889 3676 LSI_FC - ok

07:25:31.0971 3676 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

07:25:31.0987 3676 LSI_SAS - ok

07:25:32.0005 3676 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

07:25:32.0020 3676 LSI_SAS2 - ok

07:25:32.0095 3676 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

07:25:32.0109 3676 LSI_SCSI - ok

07:25:32.0137 3676 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

07:25:32.0198 3676 luafv - ok

07:25:32.0272 3676 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

07:25:32.0285 3676 MBAMProtector - ok

07:25:32.0336 3676 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

07:25:32.0362 3676 mcdbus - ok

07:25:32.0438 3676 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

07:25:32.0457 3676 megasas - ok

07:25:32.0502 3676 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

07:25:32.0521 3676 MegaSR - ok

07:25:32.0541 3676 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

07:25:32.0613 3676 Modem - ok

07:25:32.0693 3676 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

07:25:32.0722 3676 monitor - ok

07:25:32.0773 3676 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

07:25:32.0801 3676 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

07:25:32.0801 3676 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)

07:25:32.0885 3676 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

07:25:32.0895 3676 mouclass - ok

07:25:32.0925 3676 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

07:25:32.0967 3676 mouhid - ok

07:25:33.0034 3676 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

07:25:33.0055 3676 mountmgr - ok

07:25:33.0078 3676 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

07:25:33.0088 3676 mpio - ok

07:25:33.0101 3676 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

07:25:33.0149 3676 mpsdrv - ok

07:25:33.0227 3676 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

07:25:33.0279 3676 MRxDAV - ok

07:25:33.0342 3676 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

07:25:33.0392 3676 mrxsmb - ok

07:25:33.0479 3676 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

07:25:33.0519 3676 mrxsmb10 - ok

07:25:33.0582 3676 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

07:25:33.0619 3676 mrxsmb20 - ok

07:25:33.0698 3676 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

07:25:33.0716 3676 msahci - ok

07:25:33.0746 3676 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

07:25:33.0767 3676 msdsm - ok

07:25:33.0799 3676 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

07:25:33.0851 3676 Msfs - ok

07:25:33.0921 3676 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

07:25:33.0991 3676 mshidkmdf - ok

07:25:34.0024 3676 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

07:25:34.0033 3676 msisadrv - ok

07:25:34.0112 3676 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

07:25:34.0164 3676 MSKSSRV - ok

07:25:34.0184 3676 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

07:25:34.0237 3676 MSPCLOCK - ok

07:25:34.0316 3676 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

07:25:34.0389 3676 MSPQM - ok

07:25:34.0414 3676 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

07:25:34.0426 3676 MsRPC - ok

07:25:34.0450 3676 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

07:25:34.0458 3676 mssmbios - ok

07:25:34.0469 3676 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

07:25:34.0518 3676 MSTEE - ok

07:25:34.0607 3676 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

07:25:34.0654 3676 MTConfig - ok

07:25:34.0688 3676 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

07:25:34.0708 3676 Mup - ok

07:25:34.0742 3676 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

07:25:34.0751 3676 mwlPSDFilter - ok

07:25:34.0838 3676 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

07:25:34.0850 3676 mwlPSDNServ - ok

07:25:34.0866 3676 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

07:25:34.0879 3676 mwlPSDVDisk - ok

07:25:34.0916 3676 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

07:25:34.0969 3676 NativeWifiP - ok

07:25:35.0086 3676 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

07:25:35.0111 3676 NDIS - ok

07:25:35.0178 3676 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

07:25:35.0253 3676 NdisCap - ok

07:25:35.0275 3676 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

07:25:35.0328 3676 NdisTapi - ok

07:25:35.0424 3676 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

07:25:35.0498 3676 Ndisuio - ok

07:25:35.0523 3676 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

07:25:35.0573 3676 NdisWan - ok

07:25:35.0668 3676 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

07:25:35.0732 3676 NDProxy - ok

07:25:35.0754 3676 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

07:25:35.0784 3676 NetBIOS - ok

07:25:35.0805 3676 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

07:25:35.0859 3676 NetBT - ok

07:25:35.0946 3676 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

07:25:35.0967 3676 nfrd960 - ok

07:25:35.0986 3676 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

07:25:36.0036 3676 Npfs - ok

07:25:36.0065 3676 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

07:25:36.0115 3676 nsiproxy - ok

07:25:36.0254 3676 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

07:25:36.0290 3676 Ntfs - ok

07:25:36.0381 3676 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

07:25:36.0393 3676 NTIDrvr - ok

07:25:36.0420 3676 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

07:25:36.0488 3676 Null - ok

07:25:36.0574 3676 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

07:25:36.0589 3676 NVHDA - ok

07:25:36.0812 3676 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

07:25:36.0955 3676 nvlddmkm - ok

07:25:37.0100 3676 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

07:25:37.0122 3676 nvraid - ok

07:25:37.0139 3676 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

07:25:37.0151 3676 nvstor - ok

07:25:37.0191 3676 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

07:25:37.0209 3676 nv_agp - ok

07:25:37.0282 3676 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

07:25:37.0322 3676 ohci1394 - ok

07:25:37.0365 3676 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

07:25:37.0376 3676 Parport - ok

07:25:37.0400 3676 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

07:25:37.0410 3676 partmgr - ok

07:25:37.0476 3676 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

07:25:37.0499 3676 pci - ok

07:25:37.0519 3676 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

07:25:37.0528 3676 pciide - ok

07:25:37.0548 3676 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

07:25:37.0558 3676 pcmcia - ok

07:25:37.0593 3676 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

07:25:37.0601 3676 pcw - ok

07:25:37.0682 3676 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

07:25:37.0756 3676 PEAUTH - ok

07:25:37.0878 3676 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

07:25:37.0953 3676 PptpMiniport - ok

07:25:37.0978 3676 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

07:25:38.0011 3676 Processor - ok

07:25:38.0116 3676 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

07:25:38.0197 3676 Psched - ok

07:25:38.0238 3676 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

07:25:38.0280 3676 ql2300 - ok

07:25:38.0359 3676 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

07:25:38.0382 3676 ql40xx - ok

07:25:38.0408 3676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

07:25:38.0435 3676 QWAVEdrv - ok

07:25:38.0459 3676 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

07:25:38.0525 3676 RasAcd - ok

07:25:38.0614 3676 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

07:25:38.0658 3676 RasAgileVpn - ok

07:25:38.0674 3676 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

07:25:38.0724 3676 Rasl2tp - ok

07:25:38.0813 3676 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

07:25:38.0878 3676 RasPppoe - ok

07:25:38.0903 3676 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

07:25:38.0950 3676 RasSstp - ok

07:25:39.0054 3676 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

07:25:39.0147 3676 rdbss - ok

07:25:39.0178 3676 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

07:25:39.0213 3676 rdpbus - ok

07:25:39.0304 3676 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

07:25:39.0373 3676 RDPCDD - ok

07:25:39.0402 3676 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

07:25:39.0483 3676 RDPENCDD - ok

07:25:39.0568 3676 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

07:25:39.0614 3676 RDPREFMP - ok

07:25:39.0637 3676 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

07:25:39.0705 3676 RDPWD - ok

07:25:39.0787 3676 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

07:25:39.0811 3676 rdyboost - ok

07:25:39.0869 3676 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

07:25:39.0898 3676 RFCOMM - ok

07:25:40.0007 3676 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

07:25:40.0039 3676 RimUsb - ok

07:25:40.0094 3676 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys

07:25:40.0155 3676 RMCAST - ok

07:25:40.0250 3676 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

07:25:40.0329 3676 rspndr - ok

07:25:40.0423 3676 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

07:25:40.0435 3676 SASDIFSV - ok

07:25:40.0466 3676 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

07:25:40.0478 3676 SASKUTIL - ok

07:25:40.0564 3676 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

07:25:40.0586 3676 sbp2port - ok

07:25:40.0602 3676 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

07:25:40.0653 3676 scfilter - ok

07:25:40.0758 3676 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

07:25:40.0818 3676 secdrv - ok

07:25:40.0847 3676 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

07:25:40.0886 3676 Serenum - ok

07:25:40.0983 3676 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

07:25:41.0032 3676 Serial - ok

07:25:41.0067 3676 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

07:25:41.0124 3676 sermouse - ok

07:25:41.0209 3676 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

07:25:41.0248 3676 sffdisk - ok

07:25:41.0277 3676 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

07:25:41.0321 3676 sffp_mmc - ok

07:25:41.0409 3676 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

07:25:41.0464 3676 sffp_sd - ok

07:25:41.0474 3676 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

07:25:41.0494 3676 sfloppy - ok

07:25:41.0599 3676 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

07:25:41.0614 3676 SiSRaid2 - ok

07:25:41.0635 3676 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

07:25:41.0651 3676 SiSRaid4 - ok

07:25:41.0683 3676 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

07:25:41.0740 3676 Smb - ok

07:25:41.0853 3676 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

07:25:41.0873 3676 spldr - ok

07:25:41.0921 3676 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

07:25:41.0971 3676 srv - ok

07:25:42.0070 3676 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

07:25:42.0130 3676 srv2 - ok

07:25:42.0259 3676 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

07:25:42.0304 3676 srvnet - ok

07:25:42.0356 3676 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

07:25:42.0375 3676 stexstor - ok

07:25:42.0464 3676 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

07:25:42.0475 3676 swenum - ok

07:25:42.0525 3676 SynTP (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys

07:25:42.0552 3676 SynTP - ok

07:25:42.0707 3676 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

07:25:42.0746 3676 Tcpip - ok

07:25:42.0886 3676 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

07:25:42.0922 3676 TCPIP6 - ok

07:25:43.0008 3676 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

07:25:43.0080 3676 tcpipreg - ok

07:25:43.0106 3676 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

07:25:43.0184 3676 TDPIPE - ok

07:25:43.0280 3676 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

07:25:43.0354 3676 TDTCP - ok

07:25:43.0389 3676 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

07:25:43.0455 3676 tdx - ok

07:25:43.0539 3676 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

07:25:43.0551 3676 TermDD - ok

07:25:43.0611 3676 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

07:25:43.0678 3676 tssecsrv - ok

07:25:43.0789 3676 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

07:25:43.0864 3676 tunnel - ok

07:25:43.0891 3676 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

07:25:43.0898 3676 TurboB - ok

07:25:43.0966 3676 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

07:25:43.0985 3676 uagp35 - ok

07:25:44.0017 3676 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

07:25:44.0026 3676 UBHelper - ok

07:25:44.0045 3676 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

07:25:44.0114 3676 udfs - ok

07:25:44.0235 3676 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

07:25:44.0255 3676 uliagpkx - ok

07:25:44.0285 3676 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

07:25:44.0327 3676 umbus - ok

07:25:44.0411 3676 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

07:25:44.0454 3676 UmPass - ok

07:25:44.0524 3676 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

07:25:44.0543 3676 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

07:25:44.0543 3676 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

07:25:44.0638 3676 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

07:25:44.0705 3676 usbccgp - ok

07:25:44.0807 3676 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

07:25:44.0859 3676 usbcir - ok

07:25:44.0889 3676 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys

07:25:44.0931 3676 usbehci - ok

07:25:45.0030 3676 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

07:25:45.0074 3676 usbhub - ok

07:25:45.0115 3676 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

07:25:45.0154 3676 usbohci - ok

07:25:45.0261 3676 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

07:25:45.0319 3676 usbprint - ok

07:25:45.0363 3676 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

07:25:45.0409 3676 usbscan - ok

07:25:45.0511 3676 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

07:25:45.0573 3676 USBSTOR - ok

07:25:45.0659 3676 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys

07:25:45.0680 3676 usbuhci - ok

07:25:45.0740 3676 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

07:25:45.0801 3676 usbvideo - ok

07:25:45.0903 3676 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

07:25:45.0927 3676 usb_rndisx - ok

07:25:45.0985 3676 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys

07:25:46.0015 3676 VClone - ok

07:25:46.0100 3676 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

07:25:46.0121 3676 vdrvroot - ok

07:25:46.0143 3676 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

07:25:46.0174 3676 vga - ok

07:25:46.0201 3676 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

07:25:46.0272 3676 VgaSave - ok

07:25:46.0379 3676 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

07:25:46.0405 3676 vhdmp - ok

07:25:46.0425 3676 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

07:25:46.0434 3676 viaide - ok

07:25:46.0449 3676 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

07:25:46.0460 3676 volmgr - ok

07:25:46.0547 3676 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

07:25:46.0578 3676 volmgrx - ok

07:25:46.0610 3676 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

07:25:46.0637 3676 volsnap - ok

07:25:46.0664 3676 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

07:25:46.0675 3676 vsmraid - ok

07:25:46.0761 3676 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

07:25:46.0807 3676 vwifibus - ok

07:25:46.0846 3676 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

07:25:46.0889 3676 vwififlt - ok

07:25:47.0000 3676 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

07:25:47.0025 3676 vwifimp - ok

07:25:47.0054 3676 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

07:25:47.0097 3676 WacomPen - ok

07:25:47.0217 3676 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

07:25:47.0265 3676 WANARP - ok

07:25:47.0278 3676 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

07:25:47.0310 3676 Wanarpv6 - ok

07:25:47.0415 3676 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

07:25:47.0432 3676 Wd - ok

07:25:47.0468 3676 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

07:25:47.0492 3676 Wdf01000 - ok

07:25:47.0612 3676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

07:25:47.0657 3676 WfpLwf - ok

07:25:47.0684 3676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

07:25:47.0692 3676 WIMMount - ok

07:25:47.0808 3676 WINUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.SYS

07:25:47.0848 3676 WINUSB - ok

07:25:47.0910 3676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

07:25:47.0951 3676 WmiAcpi - ok

07:25:48.0052 3676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

07:25:48.0124 3676 ws2ifsl - ok

07:25:48.0168 3676 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

07:25:48.0240 3676 WudfPf - ok

07:25:48.0349 3676 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

07:25:48.0402 3676 WUDFRd - ok

07:25:48.0490 3676 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

07:25:48.0508 3676 xusb21 - ok

07:25:48.0563 3676 MBR (0x1B8) (950dcd2e3db597e6b62b2b7124557fec) \Device\Harddisk0\DR0

07:25:48.0564 3676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

07:25:48.0564 3676 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

07:25:48.0627 3676 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

07:25:48.0627 3676 \Device\Harddisk0\DR0 - detected TDSS File System (1)

07:25:48.0664 3676 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

07:25:48.0666 3676 \Device\Harddisk0\DR0\Partition0 - ok

07:25:48.0673 3676 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

07:25:48.0674 3676 \Device\Harddisk0\DR0\Partition1 - ok

07:25:48.0675 3676 ============================================================

07:25:48.0675 3676 Scan finished

07:25:48.0675 3676 ============================================================

07:25:48.0685 5828 Detected object count: 4

07:25:48.0685 5828 Actual detected object count: 4

07:27:19.0561 5828 C:\Windows\system32\DRIVERS\MijXfilt.sys - copied to quarantine

07:27:19.0561 5828 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

07:27:19.0602 5828 C:\Windows\system32\Drivers\usbaapl64.sys - copied to quarantine

07:27:19.0603 5828 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

07:27:19.0632 5828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

07:27:19.0633 5828 \Device\Harddisk0\DR0 - ok

07:27:19.0635 5828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

07:27:19.0639 5828 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

07:27:19.0641 5828 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

07:27:19.0643 5828 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

07:27:19.0646 5828 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

07:27:19.0649 5828 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

07:27:19.0710 5828 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

07:27:19.0722 5828 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

07:27:19.0735 5828 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

07:27:19.0739 5828 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

07:27:19.0740 5828 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

07:27:19.0741 5828 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

07:27:29.0738 9108 Deinitialize success

Thanks and I look forward to hearing from you!

Share this post


Link to post
Share on other sites

TDSSKiller detected four suspect drivers that it quarantined and it also detected and fixed a Master Boot Record rootkit. I'd like you to run TDSSKiller again, to verify that these problems have been fixed and post that log.

Please let me know if your infection symptoms are gone - ie. are you still getting redirected searches, etc?

Share this post


Link to post
Share on other sites

Here is the report from the TDSS scan I just ran:

15:55:37.0448 3252 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55

15:55:37.0714 3252 ============================================================

15:55:37.0714 3252 Current date / time: 2011/11/22 15:55:37.0714

15:55:37.0714 3252 SystemInfo:

15:55:37.0714 3252

15:55:37.0714 3252 OS Version: 6.1.7600 ServicePack: 0.0

15:55:37.0714 3252 Product type: Workstation

15:55:37.0714 3252 ComputerName: COOKAAYMONSTER

15:55:37.0714 3252 UserName: Dylan

15:55:37.0714 3252 Windows directory: C:\Windows

15:55:37.0714 3252 System windows directory: C:\Windows

15:55:37.0714 3252 Running under WOW64

15:55:37.0714 3252 Processor architecture: Intel x64

15:55:37.0714 3252 Number of processors: 8

15:55:37.0714 3252 Page size: 0x1000

15:55:37.0714 3252 Boot type: Normal boot

15:55:37.0714 3252 ============================================================

15:55:38.0260 3252 Initialize success

15:55:49.0070 3212 ============================================================

15:55:49.0070 3212 Scan started

15:55:49.0070 3212 Mode: Manual; SigCheck; TDLFS;

15:55:49.0070 3212 ============================================================

15:55:50.0116 3212 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

15:55:50.0178 3212 1394ohci - ok

15:55:50.0209 3212 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

15:55:50.0225 3212 ACPI - ok

15:55:50.0303 3212 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

15:55:50.0334 3212 AcpiPmi - ok

15:55:50.0381 3212 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

15:55:50.0412 3212 adp94xx - ok

15:55:50.0490 3212 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

15:55:50.0521 3212 adpahci - ok

15:55:50.0552 3212 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

15:55:50.0552 3212 adpu320 - ok

15:55:50.0662 3212 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

15:55:50.0693 3212 AFD - ok

15:55:50.0802 3212 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

15:55:50.0818 3212 agp440 - ok

15:55:50.0942 3212 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

15:55:50.0974 3212 aliide - ok

15:55:51.0005 3212 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

15:55:51.0020 3212 amdide - ok

15:55:51.0067 3212 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

15:55:51.0098 3212 AmdK8 - ok

15:55:51.0208 3212 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:55:51.0223 3212 AmdPPM - ok

15:55:51.0317 3212 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

15:55:51.0348 3212 amdsata - ok

15:55:51.0457 3212 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

15:55:51.0473 3212 amdsbs - ok

15:55:51.0504 3212 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

15:55:51.0504 3212 amdxata - ok

15:55:51.0613 3212 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS

15:55:51.0629 3212 AmUStor - ok

15:55:51.0676 3212 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

15:55:51.0691 3212 AppID - ok

15:55:51.0785 3212 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

15:55:51.0800 3212 arc - ok

15:55:51.0816 3212 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:55:51.0832 3212 arcsas - ok

15:55:51.0941 3212 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:55:51.0988 3212 AsyncMac - ok

15:55:52.0003 3212 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

15:55:52.0003 3212 atapi - ok

15:55:52.0112 3212 AthBTPort (0fa482a2a53312c3f922874de33b48e2) C:\Windows\system32\DRIVERS\btath_flt.sys

15:55:52.0144 3212 AthBTPort - ok

15:55:52.0222 3212 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys

15:55:52.0253 3212 athr - ok

15:55:52.0378 3212 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

15:55:52.0409 3212 b06bdrv - ok

15:55:52.0502 3212 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:55:52.0534 3212 b57nd60a - ok

15:55:52.0721 3212 BCM43XX (47b210f18d8a7762c508960c4e475fb0) C:\Windows\system32\DRIVERS\bcmwl664.sys

15:55:52.0783 3212 BCM43XX - ok

15:55:52.0877 3212 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:55:52.0924 3212 Beep - ok

15:55:53.0064 3212 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:55:53.0080 3212 blbdrive - ok

15:55:53.0220 3212 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

15:55:53.0236 3212 bowser - ok

15:55:53.0267 3212 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:55:53.0282 3212 BrFiltLo - ok

15:55:53.0345 3212 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:55:53.0376 3212 BrFiltUp - ok

15:55:53.0423 3212 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:55:53.0438 3212 Brserid - ok

15:55:53.0470 3212 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:55:53.0485 3212 BrSerWdm - ok

15:55:53.0548 3212 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:55:53.0579 3212 BrUsbMdm - ok

15:55:53.0594 3212 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:55:53.0610 3212 BrUsbSer - ok

15:55:53.0657 3212 BTATH_A2DP (8144421cc16c9f5c2edb94c1897a4ddf) C:\Windows\system32\drivers\btath_a2dp.sys

15:55:53.0672 3212 BTATH_A2DP - ok

15:55:53.0782 3212 BTATH_BUS (67d81e7fa34b4197a2c309978889d25c) C:\Windows\system32\DRIVERS\btath_bus.sys

15:55:53.0797 3212 BTATH_BUS - ok

15:55:53.0828 3212 BTATH_HCRP (80211a925583ed7d06c2f219d5af41cc) C:\Windows\system32\DRIVERS\btath_hcrp.sys

15:55:53.0844 3212 BTATH_HCRP - ok

15:55:53.0953 3212 BTATH_RCP (003d3445be8a5b5c39069e4149252812) C:\Windows\system32\DRIVERS\btath_rcp.sys

15:55:53.0969 3212 BTATH_RCP - ok

15:55:54.0094 3212 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

15:55:54.0125 3212 BthEnum - ok

15:55:54.0156 3212 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

15:55:54.0187 3212 BTHMODEM - ok

15:55:54.0281 3212 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

15:55:54.0312 3212 BthPan - ok

15:55:54.0390 3212 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

15:55:54.0421 3212 BTHPORT - ok

15:55:54.0530 3212 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

15:55:54.0562 3212 BTHUSB - ok

15:55:54.0593 3212 btwampfl (29bf0434e3a6571d78710b6eaf232621) C:\Windows\system32\drivers\btwampfl.sys

15:55:54.0624 3212 btwampfl - ok

15:55:54.0686 3212 btwaudio (b4c31da2f0c2acac07a1d344c1bd2e38) C:\Windows\system32\drivers\btwaudio.sys

15:55:54.0702 3212 btwaudio - ok

15:55:54.0749 3212 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys

15:55:54.0764 3212 btwavdt - ok

15:55:54.0889 3212 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

15:55:54.0889 3212 btwl2cap - ok

15:55:54.0936 3212 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys

15:55:54.0952 3212 btwrchid - ok

15:55:55.0061 3212 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:55:55.0108 3212 cdfs - ok

15:55:55.0217 3212 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

15:55:55.0232 3212 cdrom - ok

15:55:55.0357 3212 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

15:55:55.0388 3212 circlass - ok

15:55:55.0420 3212 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:55:55.0451 3212 CLFS - ok

15:55:55.0607 3212 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:55:55.0622 3212 CmBatt - ok

15:55:55.0654 3212 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

15:55:55.0669 3212 cmdide - ok

15:55:55.0778 3212 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

15:55:55.0810 3212 CNG - ok

15:55:55.0903 3212 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:55:55.0919 3212 Compbatt - ok

15:55:55.0966 3212 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

15:55:55.0981 3212 CompositeBus - ok

15:55:56.0075 3212 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

15:55:56.0090 3212 crcdisk - ok

15:55:56.0231 3212 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

15:55:56.0246 3212 DfsC - ok

15:55:56.0309 3212 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:55:56.0356 3212 discache - ok

15:55:56.0434 3212 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

15:55:56.0449 3212 Disk - ok

15:55:56.0558 3212 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:55:56.0590 3212 drmkaud - ok

15:55:56.0746 3212 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

15:55:56.0792 3212 DXGKrnl - ok

15:55:56.0948 3212 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

15:55:56.0980 3212 ebdrv - ok

15:55:57.0120 3212 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

15:55:57.0151 3212 elxstor - ok

15:55:57.0245 3212 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

15:55:57.0260 3212 ErrDev - ok

15:55:57.0323 3212 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:55:57.0370 3212 exfat - ok

15:55:57.0463 3212 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:55:57.0510 3212 fastfat - ok

15:55:57.0541 3212 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

15:55:57.0557 3212 fdc - ok

15:55:57.0650 3212 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:55:57.0666 3212 FileInfo - ok

15:55:57.0682 3212 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:55:57.0728 3212 Filetrace - ok

15:55:57.0744 3212 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

15:55:57.0775 3212 flpydisk - ok

15:55:57.0884 3212 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

15:55:57.0916 3212 FltMgr - ok

15:55:58.0025 3212 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:55:58.0056 3212 FsDepends - ok

15:55:58.0072 3212 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

15:55:58.0087 3212 Fs_Rec - ok

15:55:58.0165 3212 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:55:58.0196 3212 fvevol - ok

15:55:58.0212 3212 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:55:58.0228 3212 gagp30kx - ok

15:55:58.0352 3212 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:55:58.0384 3212 hcw85cir - ok

15:55:58.0430 3212 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

15:55:58.0462 3212 HdAudAddService - ok

15:55:58.0571 3212 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:55:58.0602 3212 HDAudBus - ok

15:55:58.0633 3212 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

15:55:58.0633 3212 HECIx64 - ok

15:55:58.0664 3212 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

15:55:58.0680 3212 HidBatt - ok

15:55:58.0758 3212 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

15:55:58.0789 3212 HidBth - ok

15:55:58.0820 3212 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

15:55:58.0836 3212 HidIr - ok

15:55:58.0930 3212 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

15:55:58.0961 3212 HidUsb - ok

15:55:58.0992 3212 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

15:55:59.0008 3212 HpSAMD - ok

15:55:59.0101 3212 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

15:55:59.0148 3212 HTTP - ok

15:55:59.0226 3212 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

15:55:59.0242 3212 hwpolicy - ok

15:55:59.0288 3212 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

15:55:59.0320 3212 i8042prt - ok

15:55:59.0398 3212 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

15:55:59.0413 3212 iaStor - ok

15:55:59.0538 3212 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

15:55:59.0569 3212 iaStorV - ok

15:55:59.0600 3212 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

15:55:59.0600 3212 iirsp - ok

15:55:59.0788 3212 IntcAzAudAddService (494e7913a4a533606ee4a8a219e83a16) C:\Windows\system32\drivers\RTKVHD64.sys

15:55:59.0819 3212 IntcAzAudAddService - ok

15:55:59.0897 3212 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

15:55:59.0912 3212 intelide - ok

15:55:59.0959 3212 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

15:55:59.0975 3212 intelppm - ok

15:56:00.0084 3212 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:56:00.0131 3212 IpFilterDriver - ok

15:56:00.0162 3212 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

15:56:00.0178 3212 IPMIDRV - ok

15:56:00.0240 3212 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

15:56:00.0302 3212 IPNAT - ok

15:56:00.0334 3212 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

15:56:00.0349 3212 IRENUM - ok

15:56:00.0412 3212 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

15:56:00.0443 3212 isapnp - ok

15:56:00.0458 3212 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

15:56:00.0474 3212 iScsiPrt - ok

15:56:00.0521 3212 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

15:56:00.0536 3212 kbdclass - ok

15:56:00.0630 3212 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

15:56:00.0646 3212 kbdhid - ok

15:56:00.0677 3212 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

15:56:00.0677 3212 KSecDD - ok

15:56:00.0724 3212 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

15:56:00.0739 3212 KSecPkg - ok

15:56:00.0833 3212 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

15:56:00.0880 3212 ksthunk - ok

15:56:00.0926 3212 L1C (6e0698cea0901fd1a2b9ce0859e2d8fe) C:\Windows\system32\DRIVERS\L1C62x64.sys

15:56:00.0926 3212 L1C - ok

15:56:01.0036 3212 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

15:56:01.0082 3212 lltdio - ok

15:56:01.0129 3212 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:56:01.0145 3212 LSI_FC - ok

15:56:01.0207 3212 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:56:01.0223 3212 LSI_SAS - ok

15:56:01.0254 3212 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:56:01.0254 3212 LSI_SAS2 - ok

15:56:01.0301 3212 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:56:01.0332 3212 LSI_SCSI - ok

15:56:01.0410 3212 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

15:56:01.0457 3212 luafv - ok

15:56:01.0566 3212 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

15:56:01.0566 3212 MBAMProtector - ok

15:56:01.0706 3212 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

15:56:01.0738 3212 mcdbus - ok

15:56:01.0753 3212 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

15:56:01.0769 3212 megasas - ok

15:56:01.0862 3212 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

15:56:01.0878 3212 MegaSR - ok

15:56:01.0940 3212 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

15:56:01.0987 3212 Modem - ok

15:56:02.0065 3212 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

15:56:02.0096 3212 monitor - ok

15:56:02.0128 3212 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

15:56:02.0143 3212 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

15:56:02.0143 3212 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)

15:56:02.0206 3212 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

15:56:02.0237 3212 mouclass - ok

15:56:02.0268 3212 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

15:56:02.0284 3212 mouhid - ok

15:56:02.0362 3212 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

15:56:02.0393 3212 mountmgr - ok

15:56:02.0408 3212 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

15:56:02.0424 3212 mpio - ok

15:56:02.0440 3212 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

15:56:02.0471 3212 mpsdrv - ok

15:56:02.0486 3212 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

15:56:02.0502 3212 MRxDAV - ok

15:56:02.0580 3212 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:56:02.0611 3212 mrxsmb - ok

15:56:02.0674 3212 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:56:02.0705 3212 mrxsmb10 - ok

15:56:02.0736 3212 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:56:02.0752 3212 mrxsmb20 - ok

15:56:02.0814 3212 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

15:56:02.0845 3212 msahci - ok

15:56:02.0876 3212 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

15:56:02.0876 3212 msdsm - ok

15:56:02.0939 3212 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

15:56:02.0986 3212 Msfs - ok

15:56:03.0048 3212 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

15:56:03.0095 3212 mshidkmdf - ok

15:56:03.0110 3212 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

15:56:03.0126 3212 msisadrv - ok

15:56:03.0157 3212 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

15:56:03.0188 3212 MSKSSRV - ok

15:56:03.0266 3212 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

15:56:03.0313 3212 MSPCLOCK - ok

15:56:03.0344 3212 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

15:56:03.0376 3212 MSPQM - ok

15:56:03.0391 3212 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

15:56:03.0407 3212 MsRPC - ok

15:56:03.0485 3212 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

15:56:03.0500 3212 mssmbios - ok

15:56:03.0532 3212 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

15:56:03.0578 3212 MSTEE - ok

15:56:03.0578 3212 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

15:56:03.0594 3212 MTConfig - ok

15:56:03.0625 3212 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

15:56:03.0641 3212 Mup - ok

15:56:03.0734 3212 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

15:56:03.0750 3212 mwlPSDFilter - ok

15:56:03.0766 3212 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

15:56:03.0766 3212 mwlPSDNServ - ok

15:56:03.0781 3212 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

15:56:03.0797 3212 mwlPSDVDisk - ok

15:56:03.0922 3212 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

15:56:03.0953 3212 NativeWifiP - ok

15:56:04.0015 3212 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

15:56:04.0031 3212 NDIS - ok

15:56:04.0124 3212 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

15:56:04.0171 3212 NdisCap - ok

15:56:04.0202 3212 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

15:56:04.0218 3212 NdisTapi - ok

15:56:04.0312 3212 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

15:56:04.0358 3212 Ndisuio - ok

15:56:04.0374 3212 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

15:56:04.0405 3212 NdisWan - ok

15:56:04.0436 3212 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

15:56:04.0468 3212 NDProxy - ok

15:56:04.0546 3212 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

15:56:04.0592 3212 NetBIOS - ok

15:56:04.0608 3212 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

15:56:04.0639 3212 NetBT - ok

15:56:04.0717 3212 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

15:56:04.0748 3212 nfrd960 - ok

15:56:04.0764 3212 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

15:56:04.0811 3212 Npfs - ok

15:56:04.0826 3212 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

15:56:04.0858 3212 nsiproxy - ok

15:56:04.0936 3212 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

15:56:04.0967 3212 Ntfs - ok

15:56:05.0045 3212 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

15:56:05.0060 3212 NTIDrvr - ok

15:56:05.0092 3212 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

15:56:05.0138 3212 Null - ok

15:56:05.0232 3212 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

15:56:05.0248 3212 NVHDA - ok

15:56:05.0482 3212 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:56:05.0622 3212 nvlddmkm - ok

15:56:05.0731 3212 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

15:56:05.0762 3212 nvraid - ok

15:56:05.0778 3212 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

15:56:05.0778 3212 nvstor - ok

15:56:05.0856 3212 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

15:56:05.0887 3212 nv_agp - ok

15:56:05.0918 3212 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

15:56:05.0934 3212 ohci1394 - ok

15:56:06.0028 3212 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

15:56:06.0059 3212 Parport - ok

15:56:06.0074 3212 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

15:56:06.0106 3212 partmgr - ok

15:56:06.0121 3212 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

15:56:06.0137 3212 pci - ok

15:56:06.0152 3212 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

15:56:06.0168 3212 pciide - ok

15:56:06.0246 3212 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

15:56:06.0262 3212 pcmcia - ok

15:56:06.0277 3212 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

15:56:06.0293 3212 pcw - ok

15:56:06.0324 3212 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

15:56:06.0355 3212 PEAUTH - ok

15:56:06.0480 3212 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

15:56:06.0542 3212 PptpMiniport - ok

15:56:06.0558 3212 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

15:56:06.0574 3212 Processor - ok

15:56:06.0667 3212 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

15:56:06.0714 3212 Psched - ok

15:56:06.0761 3212 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

15:56:06.0776 3212 ql2300 - ok

15:56:06.0854 3212 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

15:56:06.0886 3212 ql40xx - ok

15:56:06.0917 3212 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

15:56:06.0917 3212 QWAVEdrv - ok

15:56:07.0026 3212 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

15:56:07.0073 3212 RasAcd - ok

15:56:07.0120 3212 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

15:56:07.0151 3212 RasAgileVpn - ok

15:56:07.0182 3212 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

15:56:07.0198 3212 Rasl2tp - ok

15:56:07.0276 3212 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

15:56:07.0322 3212 RasPppoe - ok

15:56:07.0354 3212 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

15:56:07.0385 3212 RasSstp - ok

15:56:07.0416 3212 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

15:56:07.0432 3212 rdbss - ok

15:56:07.0510 3212 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

15:56:07.0541 3212 rdpbus - ok

15:56:07.0572 3212 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

15:56:07.0634 3212 RDPCDD - ok

15:56:07.0634 3212 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

15:56:07.0666 3212 RDPENCDD - ok

15:56:07.0681 3212 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

15:56:07.0697 3212 RDPREFMP - ok

15:56:07.0728 3212 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

15:56:07.0759 3212 RDPWD - ok

15:56:07.0837 3212 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

15:56:07.0853 3212 rdyboost - ok

15:56:07.0915 3212 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

15:56:07.0931 3212 RFCOMM - ok

15:56:08.0024 3212 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

15:56:08.0040 3212 RimUsb - ok

15:56:08.0087 3212 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys

15:56:08.0134 3212 RMCAST - ok

15:56:08.0212 3212 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

15:56:08.0274 3212 rspndr - ok

15:56:08.0336 3212 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

15:56:08.0352 3212 SASDIFSV - ok

15:56:08.0383 3212 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

15:56:08.0383 3212 SASKUTIL - ok

15:56:08.0461 3212 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

15:56:08.0492 3212 sbp2port - ok

15:56:08.0508 3212 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

15:56:08.0555 3212 scfilter - ok

15:56:08.0586 3212 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

15:56:08.0617 3212 secdrv - ok

15:56:08.0711 3212 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

15:56:08.0726 3212 Serenum - ok

15:56:08.0758 3212 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

15:56:08.0773 3212 Serial - ok

15:56:08.0820 3212 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

15:56:08.0836 3212 sermouse - ok

15:56:08.0914 3212 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

15:56:08.0945 3212 sffdisk - ok

15:56:08.0960 3212 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

15:56:08.0960 3212 sffp_mmc - ok

15:56:08.0976 3212 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

15:56:08.0992 3212 sffp_sd - ok

15:56:09.0007 3212 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

15:56:09.0007 3212 sfloppy - ok

15:56:09.0038 3212 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:56:09.0038 3212 SiSRaid2 - ok

15:56:09.0116 3212 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

15:56:09.0132 3212 SiSRaid4 - ok

15:56:09.0179 3212 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

15:56:09.0226 3212 Smb - ok

15:56:09.0319 3212 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

15:56:09.0335 3212 spldr - ok

15:56:09.0397 3212 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

15:56:09.0428 3212 srv - ok

15:56:09.0522 3212 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

15:56:09.0553 3212 srv2 - ok

15:56:09.0584 3212 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

15:56:09.0616 3212 srvnet - ok

15:56:09.0709 3212 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

15:56:09.0725 3212 stexstor - ok

15:56:09.0772 3212 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

15:56:09.0787 3212 swenum - ok

15:56:09.0912 3212 SynTP (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys

15:56:09.0928 3212 SynTP - ok

15:56:10.0021 3212 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

15:56:10.0068 3212 Tcpip - ok

15:56:10.0193 3212 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

15:56:10.0224 3212 TCPIP6 - ok

15:56:10.0302 3212 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

15:56:10.0349 3212 tcpipreg - ok

15:56:10.0380 3212 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

15:56:10.0396 3212 TDPIPE - ok

15:56:10.0411 3212 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

15:56:10.0442 3212 TDTCP - ok

15:56:10.0474 3212 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

15:56:10.0505 3212 tdx - ok

15:56:10.0583 3212 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

15:56:10.0598 3212 TermDD - ok

15:56:10.0661 3212 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

15:56:10.0708 3212 tssecsrv - ok

15:56:10.0786 3212 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

15:56:10.0832 3212 tunnel - ok

15:56:10.0864 3212 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

15:56:10.0879 3212 TurboB - ok

15:56:10.0895 3212 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

15:56:10.0895 3212 uagp35 - ok

15:56:10.0926 3212 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

15:56:10.0926 3212 UBHelper - ok

15:56:11.0020 3212 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

15:56:11.0082 3212 udfs - ok

15:56:11.0098 3212 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

15:56:11.0113 3212 uliagpkx - ok

15:56:11.0129 3212 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

15:56:11.0144 3212 umbus - ok

15:56:11.0160 3212 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

15:56:11.0160 3212 UmPass - ok

15:56:11.0285 3212 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

15:56:11.0285 3212 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

15:56:11.0285 3212 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

15:56:11.0316 3212 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

15:56:11.0332 3212 usbccgp - ok

15:56:11.0378 3212 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

15:56:11.0410 3212 usbcir - ok

15:56:11.0488 3212 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys

15:56:11.0519 3212 usbehci - ok

15:56:11.0550 3212 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

15:56:11.0581 3212 usbhub - ok

15:56:11.0597 3212 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

15:56:11.0612 3212 usbohci - ok

15:56:11.0690 3212 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

15:56:11.0722 3212 usbprint - ok

15:56:11.0768 3212 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

15:56:11.0800 3212 usbscan - ok

15:56:11.0815 3212 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:56:11.0815 3212 USBSTOR - ok

15:56:11.0893 3212 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys

15:56:11.0909 3212 usbuhci - ok

15:56:11.0971 3212 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

15:56:12.0002 3212 usbvideo - ok

15:56:12.0096 3212 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

15:56:12.0127 3212 usb_rndisx - ok

15:56:12.0190 3212 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys

15:56:12.0221 3212 VClone - ok

15:56:12.0314 3212 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

15:56:12.0330 3212 vdrvroot - ok

15:56:12.0361 3212 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

15:56:12.0392 3212 vga - ok

15:56:12.0408 3212 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

15:56:12.0455 3212 VgaSave - ok

15:56:12.0548 3212 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

15:56:12.0564 3212 vhdmp - ok

15:56:12.0595 3212 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

15:56:12.0595 3212 viaide - ok

15:56:12.0626 3212 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

15:56:12.0642 3212 volmgr - ok

15:56:12.0720 3212 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

15:56:12.0736 3212 volmgrx - ok

15:56:12.0767 3212 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

15:56:12.0782 3212 volsnap - ok

15:56:12.0798 3212 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

15:56:12.0814 3212 vsmraid - ok

15:56:12.0892 3212 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

15:56:12.0923 3212 vwifibus - ok

15:56:12.0954 3212 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

15:56:12.0970 3212 vwififlt - ok

15:56:13.0079 3212 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

15:56:13.0110 3212 vwifimp - ok

15:56:13.0141 3212 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

15:56:13.0172 3212 WacomPen - ok

15:56:13.0266 3212 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

15:56:13.0313 3212 WANARP - ok

15:56:13.0328 3212 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

15:56:13.0344 3212 Wanarpv6 - ok

15:56:13.0453 3212 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

15:56:13.0469 3212 Wd - ok

15:56:13.0500 3212 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

15:56:13.0531 3212 Wdf01000 - ok

15:56:13.0625 3212 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

15:56:13.0672 3212 WfpLwf - ok

15:56:13.0687 3212 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

15:56:13.0687 3212 WIMMount - ok

15:56:13.0828 3212 WINUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.SYS

15:56:13.0843 3212 WINUSB - ok

15:56:13.0874 3212 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

15:56:13.0890 3212 WmiAcpi - ok

15:56:13.0984 3212 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

15:56:14.0046 3212 ws2ifsl - ok

15:56:14.0062 3212 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

15:56:14.0093 3212 WudfPf - ok

15:56:14.0202 3212 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

15:56:14.0249 3212 WUDFRd - ok

15:56:14.0296 3212 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

15:56:14.0311 3212 xusb21 - ok

15:56:14.0358 3212 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:56:14.0452 3212 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

15:56:14.0452 3212 \Device\Harddisk0\DR0 - detected TDSS File System (1)

15:56:14.0452 3212 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

15:56:14.0452 3212 \Device\Harddisk0\DR0\Partition0 - ok

15:56:14.0498 3212 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

15:56:14.0498 3212 \Device\Harddisk0\DR0\Partition1 - ok

15:56:14.0498 3212 ============================================================

15:56:14.0498 3212 Scan finished

15:56:14.0498 3212 ============================================================

15:56:14.0514 4712 Detected object count: 3

15:56:14.0514 4712 Actual detected object count: 3

15:56:41.0533 4712 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user

15:56:41.0533 4712 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:56:41.0533 4712 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

15:56:41.0533 4712 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:56:41.0533 4712 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:56:41.0533 4712 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Was I correct when I skipped these medium threats? What is a TDSS File? Shouldn't the TDSS killer be getting rid of it?

Share this post


Link to post
Share on other sites

Also I know the problem is not fixed I just ran Malwarebytes again on my computer, and it still registers an SCVHOST Virus here is the log from my scan:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8210

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

11/22/2011 4:06:30 PM

mbam-log-2011-11-22 (16-06-30).txt

Scan type: Quick scan

Objects scanned: 184479

Time elapsed: 6 minute(s), 10 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Share this post


Link to post
Share on other sites
Was I correct when I skipped these medium threats?

The first is a driver for an Apple Device, possibly an iphone and the other "threat", MijXfilt.sys is the "MotioninJoy Virtual Xinput device Filter Driver" ( a driver for a joystick, possibly). Does that sound familiar?

C:\Windows\system32\Drivers\usbaapl64.sys

C:\Windows\system32\DRIVERS\MijXfilt.sys

These are third party (non-Windows), unsigned device drivers - so TDSSKiller is targeting them.

You can upload the two suspect drivers at VirusTotal to have all their scanners cast their verdict. To do that:

  • Go HERE:
    http://www.virustotal.com/
  • Select the "Upload a File" Tab.
  • Click the "Browse" button and a Windows Explorer-type interface will open that enables you to navigate through your file system.
  • Locate the file you want analyzed for it's threat potential, left-click that file, and click "Send File" to upload it to VirusTotal.
  • If the file was previously scanned VirusTotal will display a message to that effect.
  • If you want to rescan rather than accept the previous results, select "Reanalyze".
  • Wait for it to be scanned and post back the url (copy/paste the link to the scan result page from your browser's address bar) if any of the scanners determine the file to be a threat.
  • Repeat this same procedure for each of the two files listed above.

What is a TDSS File? Shouldn't the TDSS killer be getting rid of it?

This TDSS is a very prevalent MBR rootkit (hidden) threat that inserts its own TDSS file system on your hard drive. TDSSKiller is able to remove it in most cases but you most likely have a variant that it cannot remove.

Let's try this:

Download aswMBR.exe ( 1870KB ) to your DESKTOP.

http://public.avast.com/~gmerek/aswMBR.htm

Double click aswMBR.exe to run it

When the scan finishes, click the "Save log" button, and two files will be saved to your desktop:

1. aswmbr.log - copy and paste this into your next reply

2. mbr.dat - zip this file up and attach it to your post

Please do not attempt to fix anything!!!

Share this post


Link to post
Share on other sites

Ok so I ran it, and I believe this is the log you are looking for?

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software

Run date: 2011-11-22 16:41:32

-----------------------------

16:41:32.071 OS Version: Windows x64 6.1.7600

16:41:32.071 Number of processors: 8 586 0x1E05

16:41:32.072 ComputerName: COOKAAYMONSTER UserName: Dylan

16:41:34.144 Initialize success

16:42:15.290 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

16:42:15.296 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3

16:42:15.313 Disk 0 MBR read successfully

16:42:15.319 Disk 0 MBR scan

16:42:15.324 Disk 0 Windows 7 default MBR code

16:42:15.331 Service scanning

16:42:16.642 Modules scanning

16:42:16.651 Disk 0 trace - called modules:

16:42:16.679 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

16:42:16.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dfb060]

16:42:16.696 3 CLASSPNP.SYS[fffff88001a8e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b0c050]

16:42:16.704 Scan finished successfully

16:42:49.102 Disk 0 MBR has been saved successfully to "C:\Users\Dylan\Downloads\MBR.dat"

16:42:49.103 The log file has been saved successfully to "C:\Users\Dylan\Downloads\aswMBR.txt"

And I hopefully I attached the right file? I couldn't find a MBR.bin, also I couldn't figure out how to zip the file...

Share this post


Link to post
Share on other sites

This is the file I want you to zip and attach please:

C:\Users\Dylan\Downloads\MBR.dat

To zip the file -

Download 7-Zip installer (the 64 bit msi for Windows):

http://www.7-zip.org/download.html

Navigate to and Right-click this file:

C:\Users\Dylan\Downloads\MBR.dat

Select 7-Zip and then "Add to MBR.zip"

The file C:\Users\Dylan\Downloads\MBR.zip will be created.

Please attach that to your next post

Share this post


Link to post
Share on other sites

Click Start and type cmd into the Start Search box

In the search results, Under Programs, right-click cmd.exe and select "Run as Administrator" from the context menu.

Once at the Command Prompt (a window with this line displayed)

C:\Windows\system32

Type diskpart

Hit Enter

Type list disk

Hit Enter

Right-click the command window with the results, left click "Select All" (the window will change color) and right-click within the command window so its original color returns

Open Notepad

Select Edit -> Paste

Save the file as listdisk.txt

Paste the contents into your next reply

You should get something like this:

Microsoft Windows [Version 6.0.6002]

Copyright © 2006 Microsoft Corporation. All rights reserved.

C:\Windows\system32>diskpart

Microsoft DiskPart version 6.0.6002

Copyright © 1999-2007 Microsoft Corporation.

On computer: NEGSTER22-PC

DISKPART> list disk

Disk ### Status Size Free Dyn Gpt

-------- ---------- ------- ------- --- ---

Disk 0 Online 112 GB 0 B

Share this post


Link to post
Share on other sites

Here we go:

Microsoft Windows [Version 6.1.7600]

Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>diskpart

Microsoft DiskPart version 6.1.7600

Copyright © 1999-2008 Microsoft Corporation.

On computer: COOKAAYMONSTER

DISKPART> list disk

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 465 GB 0 B

DISKPART>

Share this post


Link to post
Share on other sites

Good now, open diskpart again by doing the following:

Click Start and type cmd into the Start Search box

In the search results, Under Programs, right-click cmd.exe and select "Run as Administrator" from the context menu.

Once at the Command Prompt (a window with this line displayed)

C:\Windows\system32

Type diskpart

Hit Enter

Type list disk

Hit Enter

Type Select disk 0

Hit Enter

Type list partition

Right-click the command window with the results, left click "Select All" (the window will change color) and right-click within the command window so its original color returns

Open Notepad

Select Edit -> Paste

Save the file as listpart.txt

Paste the contents into your next reply

You should get something like this:

Microsoft Windows [Version 6.0.6002]

Copyright © 2006 Microsoft Corporation. All rights reserved.

C:\Windows\system32>diskpart

Microsoft DiskPart version 6.0.6002

Copyright © 1999-2007 Microsoft Corporation.

On computer: NEGSTER22-PC

DISKPART> list disk

Disk ### Status Size Free Dyn Gpt

-------- ---------- ------- ------- --- ---

Disk 0 Online 112 GB 0 B

DISKPART> select disk 0

Disk 0 is now the selected disk.

DISKPART> list partition

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 55 MB 32 KB

Partition 2 Primary 10 GB 55 MB

Partition 3 Primary 100 GB 10 GB

Partition 0 Extended 2048 MB 110 GB

Partition 4 Logical 2047 MB 110 GB

DISKPART>

Share this post


Link to post
Share on other sites

GOT IT!

Microsoft Windows [Version 6.1.7600]

Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>diskpart

Microsoft DiskPart version 6.1.7600

Copyright © 1999-2008 Microsoft Corporation.

On computer: COOKAAYMONSTER

DISKPART> list disk

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 465 GB 0 B

DISKPART> Select disk 0

Disk 0 is now the selected disk.

DISKPART> list partition

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Recovery 13 GB 1024 KB

Partition 2 Primary 100 MB 13 GB

Partition 3 Primary 452 GB 13 GB

DISKPART>

Share this post


Link to post
Share on other sites

Click start -> right-click "Computer" and select "Manage"

When the Computer Management Console opens:

Under Storage, Select "Disk Management"

Take a screen shot of the current window:

Hit the (Alt + Fn + Prnt Scrn) keys simultaneously to copy the screen image to the Windows Clipboard

Open paint (Click start -> type paint in the Start Search box, and select "Paint" under programs

After Paint pens, Click "Paste"

Save the picture as disk.jpg

Attach the image disk.jpg to your next post

Note: If you prefer to use the Windows 7 snipping tool to take the screenshot - by all means,use that.

Share this post


Link to post
Share on other sites
On a side note, I grew up in Westchester County, and I'll be there for Thanksgiving!

COOL!!! I hope your computer is clean by then!!

I am getting some conflicting results in your disk output comparison, which is not surprising since you are infected.

Do you have a CD R/W drive and a blank CD?

Share this post


Link to post
Share on other sites

But I think I'm going to call it a night, if you leave me instructions to follow, I'll do them when I wake up, round 9ish. Thanks so much for all your help. I really appreciate it, and so does my computer!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.