PC Tools internet security detects tdss 3 and murlo


Guest BlairWitch

Hello, I know this probably won't belong in this forum, but I am just trying the trial of PC Tools Internet Security and I did a quick scan or IntelliScan or whatever, and it detected the TDSS 3 rootkit and Trojan downloader.Murlo. Those trojan downloader detections were all in the registry and the TDSS detections were some kernel objects.

I have scanned with MBAM Pro, Avast, AntiVir and BullGuard, and those programs have not detected any infections. So are there any good tools to at least check if this TDSS3 infection really exists? And if it does, it's not such an infection that would constantly spam me with advertising or redirect my searches. I don't know what else it could be doing then?

Here is a screenshot of the pctools results:

[Attached image: pctools.jpg]

I'm not sure if I should fix those things that it detects, and would my computer then start anymore. I'll try to check with Malwarebytes and see if it detects anything after the latest update...

:o

Guest BlairWitch

Here is the malwarebytes quick scan log:

Malwarebytes Anti-Malware (Kokeiluversio) 1.60.1.1000

www.malwarebytes.org

Tietokantaversio: v2012.02.18.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

esiasennettu :: TIETOKONE [järjestelmänvalvoja]

Suojaus: Käytössä

18.2.2012 12:04:25

mbam-log-2012-02-18 (12-04-25).txt

Tarkistustyyppi: Pikatarkistus

Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos

Käytöstä poistetut tarkistusvalinnat: Vertaisverkko (Peer-to-Peer)

Tarkistettuja kohteita: 187976

Kulunut aika: 14 minuutti(a), 23 sekunti(a)

Epäilyttäviä muistiprosesseja: 0

(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriarvoja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisterikohteita: 0

(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0

(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 0

(Ei haitallisia kohteita)

(loppu)

Here is the GMER log. I stopped the scan before it finished because I was so eager to post the results here.

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2012-02-18 13:12:54

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3120022A rev.8.01

Running: vdo37j35.exe; Driver: C:\DOCUME~1\ESIASE~1\LOCALS~1\Temp\ufryypow.sys

---- System - GMER 1.0.15 ----

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAllocateVirtualMemory [0xB1CE44AA]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAssignProcessToJobObject [0xB1CE3EF4]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwConnectPort [0xB1CE3F3C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateFile [0xB1CE3FF4]

SSDT TfSysMon.sys (ThreatFire System Monitor/PC Tools) ZwCreateKey [0xF72B5290]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcess [0xB1CE4C86]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcessEx [0xB1CE4D12]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateSection [0xB1CE4074]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateThread [0xB1CE4DA2]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDebugActiveProcess [0xB1CE40C4]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteFile [0xB1CE410C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteKey [0xB1CE4154]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteValueKey [0xB1CE419C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDuplicateObject [0xB1CE41E6]

SSDT sptd.sys ZwEnumerateKey [0xF7609FFE]

SSDT sptd.sys ZwEnumerateValueKey [0xF760A38C]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwFsControlFile [0xB1CE4230]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwMapViewOfSection [0xB1CE42F0]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenFile [0xB1CE4338]

SSDT TfSysMon.sys (ThreatFire System Monitor/PC Tools) ZwOpenKey [0xF72B5130]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenThread [0xB1CE4418]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwProtectVirtualMemory [0xB1CE44F8]

SSDT sptd.sys ZwQueryKey [0xF760A464]

SSDT sptd.sys ZwQueryValueKey [0xF760A2E4]

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF745EE16]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwRequestWaitReplyPort [0xB1CE4460]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwResumeThread [0xB1CE458E]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSecureConnectPort [0xB1CE467A]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetInformationFile [0xB1CE45D6]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetSecurityObject [0xB1CE4726]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetValueKey [0xB1CE4626]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSuspendProcess [0xB1CE4770]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwTerminateProcess [0xB1CE4800]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteFile [0xB1CE484E]

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteVirtualMemory [0xB1CE4896]

INT 0x62 ? 86BA4CC8

INT 0x63 ? 862B6CC8

INT 0x63 ? 862B6CC8

INT 0x63 ? 862B6CC8

INT 0x63 ? 862B6CC8

INT 0x63 ? 862B6CC8

INT 0x63 ? 862B6CC8

INT 0x73 ? 86BABCC8

INT 0x82 ? 86BA4CC8

---- Kernel code sections - GMER 1.0.15 ----

.text sptd.sys F759B000 32 Bytes [5E, 67, 6F, 80, 20, 17, 6F, ...]

.text sptd.sys F759B024 4 Bytes [74, DF, 58, F7]

.text sptd.sys F759B02C 424 Bytes [F2, BF, 57, 80, 66, E1, 59, ...]

.text sptd.sys F759B1E4 4 Bytes [79, 62, 73, 4C] {JNS 0x64; JAE 0x50}

.text sptd.sys F759B1EC 1 Byte [02]

.text ...

.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xF7692D38]

? C:\WINDOWS\system32\drivers\sptd.sys Prosessi ei voi käyttää tiedostoa, koska se on toisen prosessin käytössä.

.text USBPORT.SYS!DllUnload F6FA48AC 5 Bytes JMP 862B61D8

init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xF6ECE510]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe[1600] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 0044CD69 C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools Security Component/PC Tools)

.text C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe[1928] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 0044C4B9 C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools Security Component/PC Tools)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86BAB308

IAT \WINDOWS\System32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F759C574] sptd.sys

IAT \WINDOWS\System32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F759C0C0] sptd.sys

IAT \WINDOWS\System32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F759CFE0] sptd.sys

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F759C0C0] sptd.sys

IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F759C362] sptd.sys

IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F759C2A4] sptd.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F759D1BC] sptd.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F759CFE0] sptd.sys

IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 862B6308

IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F75B1312] sptd.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86BA11F8

Device \FileSystem\Fastfat \FatCdrom 85F4E1F8

Device \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\usbuhci \Device\USBPDO-0 865021F8

Device \Driver\usbuhci \Device\USBPDO-1 865021F8

Device \Driver\usbuhci \Device\USBPDO-2 865021F8

Device \Driver\usbuhci \Device\USBPDO-3 865021F8

Device \Driver\usbehci \Device\USBPDO-4 864EB1F8

Device \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\Cdrom \Device\CdRom0 86508430

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F74F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}

Device \Driver\atapi \Device\Ide\IdePort0 [F74F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}

Device \Driver\atapi \Device\Ide\IdePort1 [F74F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}

Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F74F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}

Device \Driver\NetBT \Device\NetBt_Wins_Export 860431F8

Device \Driver\NetBT \Device\NetbiosSmb 860431F8

Device \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\usbuhci \Device\USBFDO-0 865021F8

Device \Driver\usbuhci \Device\USBFDO-1 865021F8

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8603F1F8

Device \Driver\Tcpip \Device\IPMULTICAST pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

Device \Driver\usbuhci \Device\USBFDO-2 865021F8

Device \FileSystem\MRxSmb \Device\LanmanRedirector 8603F1F8

Device \Driver\usbuhci \Device\USBFDO-3 865021F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{F91CC558-4923-43C9-A6D8-C5316D818247} 860431F8

Device \Driver\usbehci \Device\USBFDO-4 864EB1F8

Device \Driver\viasraid \Device\Scsi\viasraid1 86BA31F8

Device \FileSystem\Fastfat \Fat 85F4E1F8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 85F501F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD5 0xB3 0xD0 0xE2 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD5 0xB3 0xD0 0xE2 ...

---- EOF - GMER 1.0.15 ----

I think it has something to do with this http://forums.malwarebytes.org/index.php?showtopic=106078

  • Root Admin

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems or infections you may have.
  • Please read and follow the directions here, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Follow this topic and choose Instantly,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.


    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
      Or
    • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here.

OPTION 3

If you would like to use our Malwarebytes Premium Consumer Services partner (comprehensive solutions to all your computer support needs, from installation and set-up to troubleshooting and tune-ups), go to our Malwarebytes Premium Services support site.

Please be patient, someone will assist you as soon as possible.

Guest BlairWitch

Well, I have tried it. This is the only thing that it can detect and the default action is to do nothing... Here is the TDSSKiller log file:

20:42:35.0468 1752 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

20:42:37.0468 1752 ============================================================

20:42:37.0468 1752 Current date / time: 2012/02/19 20:42:37.0468

20:42:37.0468 1752 SystemInfo:

20:42:37.0468 1752

20:42:37.0468 1752 OS Version: 5.1.2600 ServicePack: 3.0

20:42:37.0468 1752 Product type: Workstation

20:42:37.0468 1752 ComputerName: TIETOKONE

20:42:37.0468 1752 UserName: esiasennettu

20:42:37.0468 1752 Windows directory: C:\WINDOWS

20:42:37.0468 1752 System windows directory: C:\WINDOWS

20:42:37.0468 1752 Processor architecture: Intel x86

20:42:37.0468 1752 Number of processors: 1

20:42:37.0468 1752 Page size: 0x1000

20:42:37.0468 1752 Boot type: Normal boot

20:42:37.0468 1752 ============================================================

20:42:42.0765 1752 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

20:42:42.0812 1752 \Device\Harddisk0\DR0:

20:42:42.0812 1752 MBR used

20:42:42.0812 1752 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782

20:42:42.0828 1752 Initialize success

20:42:42.0828 1752 ============================================================

20:42:52.0078 4008 ============================================================

20:42:52.0078 4008 Scan started

20:42:52.0078 4008 Mode: Manual; TDLFS;

20:42:52.0078 4008 ============================================================

20:42:52.0500 4008 1UnHooker (d26956eb27d6c4990bc3ddc4cae63ea0) C:\WINDOWS\system32\DRIVERS\1UnHooker.sys

20:42:52.0500 4008 1UnHooker - ok

20:42:52.0562 4008 48280318 - ok

20:42:52.0625 4008 Abiosdsk - ok

20:42:52.0687 4008 abp480n5 - ok

20:42:52.0828 4008 ACPI (86eba3468d103fc807adcf6ae577f203) C:\WINDOWS\system32\DRIVERS\ACPI.sys

20:42:52.0890 4008 ACPI - ok

20:42:52.0984 4008 ACPIEC (9322a12c6362fd4ce1f6adca40edeced) C:\WINDOWS\system32\drivers\ACPIEC.sys

20:42:52.0984 4008 ACPIEC - ok

20:42:53.0046 4008 adpu160m - ok

20:42:53.0156 4008 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

20:42:53.0156 4008 aec - ok

20:42:53.0281 4008 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

20:42:53.0281 4008 AFD - ok

20:42:53.0343 4008 Aha154x - ok

20:42:53.0375 4008 aic78u2 - ok

20:42:53.0421 4008 aic78xx - ok

20:42:53.0531 4008 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS

20:42:53.0546 4008 ALCXSENS - ok

20:42:53.0718 4008 ALCXWDM (bc5c55b49c4bd1fdfaaa128fe21f9fea) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

20:42:53.0796 4008 ALCXWDM - ok

20:42:53.0921 4008 AliIde - ok

20:42:54.0031 4008 AmdK7 (ea31757b0baa08558ca4db1cdb66949b) C:\WINDOWS\system32\DRIVERS\amdk7.sys

20:42:54.0031 4008 AmdK7 - ok

20:42:54.0125 4008 amsint - ok

20:42:54.0218 4008 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

20:42:54.0218 4008 Arp1394 - ok

20:42:54.0328 4008 asc - ok

20:42:54.0375 4008 asc3350p - ok

20:42:54.0437 4008 asc3550 - ok

20:42:54.0625 4008 aswArKrn - ok

20:42:54.0734 4008 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

20:42:54.0734 4008 AsyncMac - ok

20:42:54.0875 4008 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

20:42:54.0875 4008 atapi - ok

20:42:54.0984 4008 Atdisk - ok

20:42:55.0140 4008 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

20:42:55.0390 4008 ati2mtag - ok

20:42:55.0531 4008 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

20:42:55.0546 4008 Atmarpc - ok

20:42:55.0718 4008 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

20:42:55.0718 4008 audstub - ok

20:42:56.0000 4008 basic2 (1b9c81ab9a456eabd9f8335f04b5f495) C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys

20:42:56.0000 4008 basic2 - ok

20:42:56.0125 4008 BC (8964a8f677a76a68609c67320dda6bc9) C:\WINDOWS\system32\Drivers\BC.sys

20:42:56.0125 4008 BC - ok

20:42:56.0187 4008 BCASPROT - ok

20:42:56.0312 4008 BdSpy (42175a3b56922a8c9a294fa6f0b18344) C:\WINDOWS\system32\DRIVERS\BdSpy.sys

20:42:56.0312 4008 BdSpy - ok

20:42:56.0437 4008 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

20:42:56.0484 4008 Beep - ok

20:42:56.0687 4008 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

20:42:56.0703 4008 cbidf2k - ok

20:42:56.0828 4008 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

20:42:56.0828 4008 CCDECODE - ok

20:42:56.0906 4008 cd20xrnt - ok

20:42:57.0015 4008 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

20:42:57.0125 4008 Cdaudio - ok

20:42:57.0250 4008 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

20:42:57.0265 4008 Cdfs - ok

20:42:57.0375 4008 Cdr4_xp (c3e76b0c05ebf7261abfb08d9e75822e) C:\WINDOWS\system32\drivers\Cdr4_xp.sys

20:42:57.0375 4008 Cdr4_xp - ok

20:42:57.0468 4008 Cdralw2k (17590dfe29e02842a6e3a463e443d1b9) C:\WINDOWS\system32\drivers\Cdralw2k.sys

20:42:57.0468 4008 Cdralw2k - ok

20:42:57.0625 4008 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys

20:42:57.0625 4008 Cdrom - ok

20:42:57.0750 4008 Changer - ok

20:42:57.0843 4008 CmdIde - ok

20:42:57.0937 4008 Cpqarray - ok

20:42:57.0984 4008 dac2w2k - ok

20:42:58.0031 4008 dac960nt - ok

20:42:58.0140 4008 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

20:42:58.0140 4008 Disk - ok

20:42:58.0296 4008 dmboot (a94bf38d74a8b8cdc4609c5b5546c9a1) C:\WINDOWS\system32\drivers\dmboot.sys

20:42:58.0328 4008 dmboot - ok

20:42:58.0453 4008 dmio (dc6e20600717b7be7709f6bbeb5f1e35) C:\WINDOWS\system32\drivers\dmio.sys

20:42:58.0468 4008 dmio - ok

20:42:58.0578 4008 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

20:42:58.0593 4008 dmload - ok

20:42:58.0718 4008 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

20:42:58.0734 4008 DMusic - ok

20:42:58.0843 4008 dpti2o - ok

20:42:58.0953 4008 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

20:42:58.0953 4008 drmkaud - ok

20:42:59.0046 4008 dwshd - ok

20:42:59.0140 4008 ENTECH (bdd170fecb0e496a914318009d85b819) C:\WINDOWS\System32\DRIVERS\ENTECH.SYS

20:42:59.0140 4008 ENTECH - ok

20:42:59.0328 4008 Fallback (c823debe2548656549f84a875d65237b) C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys

20:42:59.0343 4008 Fallback - ok

20:42:59.0500 4008 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

20:42:59.0546 4008 Fastfat - ok

20:42:59.0687 4008 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

20:42:59.0687 4008 Fdc - ok

20:42:59.0781 4008 FilterService - ok

20:42:59.0890 4008 Fips (fbafbfbacc14405393edbaa5ac3a41eb) C:\WINDOWS\system32\drivers\Fips.sys

20:42:59.0890 4008 Fips - ok

20:43:00.0000 4008 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

20:43:00.0000 4008 Flpydisk - ok

20:43:00.0109 4008 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

20:43:00.0125 4008 FltMgr - ok

20:43:00.0234 4008 Fsks (6483414841d4cab6c3b4db2ac6edd70b) C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys

20:43:00.0234 4008 Fsks - ok

20:43:00.0343 4008 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

20:43:00.0375 4008 Fs_Rec - ok

20:43:00.0437 4008 Ftdisk (30e0982506281508703c99115cee520c) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

20:43:00.0453 4008 Ftdisk - ok

20:43:00.0546 4008 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys

20:43:00.0546 4008 gameenum - ok

20:43:00.0687 4008 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

20:43:00.0687 4008 Gpc - ok

20:43:00.0843 4008 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

20:43:00.0843 4008 HidUsb - ok

20:43:00.0921 4008 hpn - ok

20:43:01.0109 4008 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys

20:43:01.0125 4008 HSFHWBS2 - ok

20:43:01.0265 4008 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys

20:43:01.0328 4008 HSF_DP - ok

20:43:01.0468 4008 hsf_msft (74e379857d4c0dfb56de2d19b8f4c434) C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys

20:43:01.0593 4008 hsf_msft - ok

20:43:01.0734 4008 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

20:43:01.0796 4008 HTTP - ok

20:43:01.0890 4008 i2omgmt - ok

20:43:01.0968 4008 i2omp - ok

20:43:02.0078 4008 i8042prt (328779b03d621cd6d0c13a2dde5477f5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

20:43:02.0093 4008 i8042prt - ok

20:43:02.0250 4008 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

20:43:02.0250 4008 Imapi - ok

20:43:02.0343 4008 ini910u - ok

20:43:02.0406 4008 IntelIde - ok

20:43:02.0515 4008 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

20:43:02.0531 4008 Ip6Fw - ok

20:43:02.0656 4008 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

20:43:02.0656 4008 IpFilterDriver - ok

20:43:02.0781 4008 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

20:43:02.0781 4008 IpInIp - ok

20:43:02.0921 4008 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

20:43:02.0937 4008 IpNat - ok

20:43:03.0000 4008 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

20:43:03.0000 4008 IPSec - ok

20:43:03.0093 4008 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

20:43:03.0093 4008 IRENUM - ok

20:43:03.0187 4008 isapnp (48c2901a6a32e30fadf1d883b2969cf1) C:\WINDOWS\system32\DRIVERS\isapnp.sys

20:43:03.0187 4008 isapnp - ok

20:43:03.0328 4008 K56 (9c5e3fdbfcc30cf71a49ca178b9ad442) C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys

20:43:03.0359 4008 K56 - ok

20:43:03.0515 4008 Kbdclass (2aa4d6f99f0b25c0c25def5ae25b4d31) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

20:43:03.0515 4008 Kbdclass - ok

20:43:03.0687 4008 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

20:43:03.0687 4008 kmixer - ok

20:43:03.0828 4008 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

20:43:03.0859 4008 KSecDD - ok

20:43:03.0937 4008 lbrtfdc - ok

20:43:04.0015 4008 LVcKap - ok

20:43:04.0062 4008 LVMVDrv - ok

20:43:04.0109 4008 lvpopflt - ok

20:43:04.0171 4008 LVPr2Mon - ok

20:43:04.0218 4008 lvselsus - ok

20:43:04.0281 4008 LVUSBSta - ok

20:43:04.0312 4008 LVUVC - ok

20:43:04.0421 4008 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

20:43:04.0421 4008 MBAMProtector - ok

20:43:04.0578 4008 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

20:43:04.0593 4008 mdmxsdk - ok

20:43:04.0734 4008 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

20:43:04.0750 4008 mnmdd - ok

20:43:04.0906 4008 Modem (35837340d4c14a27988195dd67398c85) C:\WINDOWS\system32\drivers\Modem.sys

20:43:04.0906 4008 Modem - ok

20:43:05.0046 4008 Mouclass (e9fc0706d6973c9777bdee2147ef87e8) C:\WINDOWS\system32\DRIVERS\mouclass.sys

20:43:05.0046 4008 Mouclass - ok

20:43:05.0140 4008 mouhid (cecbfa0343e2a9c7cfef3b999e7ba52c) C:\WINDOWS\system32\DRIVERS\mouhid.sys

20:43:05.0140 4008 mouhid - ok

20:43:05.0265 4008 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

20:43:05.0296 4008 MountMgr - ok

20:43:05.0406 4008 MpKsl792a8e28 - ok

20:43:05.0500 4008 mraid35x - ok

20:43:05.0609 4008 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

20:43:05.0609 4008 MRxDAV - ok

20:43:05.0765 4008 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

20:43:05.0781 4008 MRxSmb - ok

20:43:05.0937 4008 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

20:43:05.0968 4008 Msfs - ok

20:43:06.0062 4008 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

20:43:06.0062 4008 MSKSSRV - ok

20:43:06.0171 4008 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

20:43:06.0187 4008 MSPCLOCK - ok

20:43:06.0281 4008 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

20:43:06.0296 4008 MSPQM - ok

20:43:06.0406 4008 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

20:43:06.0406 4008 mssmbios - ok

20:43:06.0500 4008 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

20:43:06.0500 4008 MSTEE - ok

20:43:06.0625 4008 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

20:43:06.0656 4008 Mup - ok

20:43:06.0765 4008 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

20:43:06.0765 4008 NABTSFEC - ok

20:43:06.0906 4008 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

20:43:06.0968 4008 NDIS - ok

20:43:07.0078 4008 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

20:43:07.0078 4008 NdisIP - ok

20:43:07.0187 4008 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

20:43:07.0203 4008 NdisTapi - ok

20:43:07.0296 4008 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

20:43:07.0296 4008 Ndisuio - ok

20:43:07.0406 4008 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:43:07.0406 4008 NdisWan - ok

20:43:07.0515 4008 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

20:43:07.0531 4008 NDProxy - ok

20:43:07.0640 4008 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

20:43:07.0640 4008 NetBIOS - ok

20:43:07.0765 4008 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

20:43:07.0781 4008 NetBT - ok

20:43:07.0937 4008 netrcacm (b128ccc0e4586628d5d6f6a8f1d0778d) C:\WINDOWS\system32\DRIVERS\netrcacm.sys

20:43:07.0937 4008 netrcacm - ok

20:43:08.0046 4008 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

20:43:08.0062 4008 NIC1394 - ok

20:43:08.0234 4008 nokia_cs1x_cdc_acm (73b59d848ed1990c2b057a2a67009477) C:\WINDOWS\system32\DRIVERS\nokia_cs1x_cdc_acm.sys

20:43:08.0250 4008 nokia_cs1x_cdc_acm - ok

20:43:08.0359 4008 nokia_cs1x_cpo (c505061912383af9e987c81ecdbd27aa) C:\WINDOWS\system32\DRIVERS\nokia_cs1x_cpo.sys

20:43:08.0359 4008 nokia_cs1x_cpo - ok

20:43:08.0468 4008 nokia_cs1x_dc_enum (559aa470a6efa48caba5c5bf6a0f46fb) C:\WINDOWS\system32\DRIVERS\nokia_cs1x_dc_enum.sys

20:43:08.0468 4008 nokia_cs1x_dc_enum - ok

20:43:08.0625 4008 NovaShieldFilterDriver (cb9751585223a77785b915b0591d71f0) C:\WINDOWS\system32\DRIVERS\NSKernel.sys

20:43:08.0671 4008 NovaShieldFilterDriver - ok

20:43:08.0781 4008 NovaShieldTDIDriver (ed6af59b384a092e1c42df79b483b952) C:\WINDOWS\system32\DRIVERS\NSNetmon.sys

20:43:08.0781 4008 NovaShieldTDIDriver - ok

20:43:08.0906 4008 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

20:43:08.0921 4008 Npfs - ok

20:43:09.0093 4008 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

20:43:09.0125 4008 Ntfs - ok

20:43:15.0468 4008 sptd (a199171385be17973fd800fa91f8f78a) C:\WINDOWS\system32\Drivers\sptd.sys

20:43:15.0468 4008 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a199171385be17973fd800fa91f8f78a

20:43:15.0484 4008 sptd ( LockedFile.Multi.Generic ) - warning

20:43:15.0484 4008 sptd - detected LockedFile.Multi.Generic (1)

20:43:22.0375 4008 MBR (0x1B8) (6573d157a3dffd65292c07911ac353a2) \Device\Harddisk0\DR0

20:43:22.0609 4008 \Device\Harddisk0\DR0 - ok

20:43:22.0640 4008 Boot (0x1200) (4a7440256efabef6e7042997f43617bb) \Device\Harddisk0\DR0\Partition0

20:43:22.0640 4008 \Device\Harddisk0\DR0\Partition0 - ok

20:43:22.0640 4008 ============================================================

20:43:22.0640 4008 Scan finished

20:43:22.0640 4008 ============================================================

20:43:22.0687 3600 Detected object count: 1

20:43:22.0687 3600 Actual detected object count: 1

20:43:27.0765 3600 sptd ( LockedFile.Multi.Generic ) - skipped by user

20:43:27.0765 3600 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

20:43:30.0578 3248 Deinitialize success
