
Google Redirect Virus



Hello xknightx and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

In your next post, please include:

  • TDSSKiller log
  • ComboFix log


ComboFix 12-03-07.05 - WONTON 03/07/2012 16:50:50.1.1 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.595 [GMT -5:00]

Running from: c:\users\WONTON\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\root

c:\users\WONTON\AppData\Roaming\2K Sports\2K Sports\xiuzb.dll

c:\windows\security\Database\tmp.edb

.

.

((((((((((((((((((((((((( Files Created from 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))))

.

.

2012-03-07 17:17 . 2012-03-07 17:17 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2012-03-07 04:47 . 2012-03-07 04:47 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0C23402-23B9-446E-821F-C28ADBABD8A9}\offreg.dll

2012-03-06 14:15 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0C23402-23B9-446E-821F-C28ADBABD8A9}\mpengine.dll

2012-02-29 21:39 . 2012-02-29 21:39 -------- d-----w- c:\users\WONTON\AppData\Roaming\Red Kawa

2012-02-26 13:20 . 2012-02-26 13:20 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll

2012-02-26 13:20 . 2012-02-26 13:20 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll

2012-02-26 13:20 . 2012-02-26 13:20 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll

2012-02-26 13:20 . 2012-02-26 13:20 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll

2012-02-16 19:17 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-16 19:17 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-16 19:17 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-16 19:17 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-16 19:17 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-16 19:17 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-16 19:17 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-16 19:17 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-07 17:16 . 2011-05-30 16:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-02-23 14:18 . 2011-05-30 16:08 279656 ------w- c:\windows\system32\MpSigStub.exe

2011-12-14 18:48 . 2011-12-14 18:48 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-12-14 18:48 . 2011-12-14 18:48 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-12-10 20:24 . 2011-07-19 14:08 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-14 137536]

"Akamai NetSession Interface"="c:\users\WONTON\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe"

"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]

R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]

R3 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]

R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2010-02-05 98208]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-12 19968]

S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacom\amd64\novacomd.exe [2010-01-12 46080]

S2 SCManager;SafeConnect Manager;c:\program files (x86)\SafeConnect\scManager.sys servicestart [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Contents of the 'Scheduled Tasks' folder

.

2012-03-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1631037071-2651441403-472913841-1002Core.job

- c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-14 00:10]

.

2012-03-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1631037071-2651441403-472913841-1002UA.job

- c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-14 00:10]

.

2012-02-22 c:\windows\Tasks\HPCeeScheduleForWONTON.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 21:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-05-30 6489704]

"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2010-02-05 995840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

uDefault_Search_URL = hxxp://www.google.com/ie

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = 127.0.0.1:9421

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

FF - ProfilePath - c:\users\WONTON\AppData\Roaming\Mozilla\Firefox\Profiles\gqwtsqxc.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-HP webOS® Doctor Build Sprint.275.271, webOS 1.4.5 - c:\windows\system32\javaws.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

c:\program files (x86)\SafeConnect\scManager.sys

.

**************************************************************************

.

Completion time: 2012-03-07 17:16:58 - machine was rebooted

ComboFix-quarantined-files.txt 2012-03-07 22:16

.

Pre-Run: 80,117,207,040 bytes free

Post-Run: 80,828,416,000 bytes free

.

- - End Of File - - 12D568554FC1A0CFE11A5D5DA5C49920


16:39:57.0877 4884 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39

16:39:58.0235 4884 ============================================================

16:39:58.0235 4884 Current date / time: 2012/03/07 16:39:58.0235

16:39:58.0235 4884 SystemInfo:

16:39:58.0235 4884

16:39:58.0235 4884 OS Version: 6.1.7601 ServicePack: 1.0

16:39:58.0235 4884 Product type: Workstation

16:39:58.0235 4884 ComputerName: JUANBRIONES-PC

16:39:58.0235 4884 UserName: WONTON

16:39:58.0235 4884 Windows directory: C:\Windows

16:39:58.0235 4884 System windows directory: C:\Windows

16:39:58.0235 4884 Running under WOW64

16:39:58.0235 4884 Processor architecture: Intel x64

16:39:58.0235 4884 Number of processors: 1

16:39:58.0235 4884 Page size: 0x1000

16:39:58.0235 4884 Boot type: Normal boot

16:39:58.0235 4884 ============================================================

16:40:00.0622 4884 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:40:00.0622 4884 \Device\Harddisk0\DR0:

16:40:00.0622 4884 MBR used

16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B608000

16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B66C000, BlocksNum 0x1B25800

16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970

16:40:00.0716 4884 Initialize success

16:40:00.0716 4884 ============================================================

16:40:14.0725 2840 ============================================================

16:40:14.0725 2840 Scan started

16:40:14.0725 2840 Mode: Manual; SigCheck; TDLFS;

16:40:14.0725 2840 ============================================================


16:40:38.0671 2840 MTConfig - ok

16:40:38.0764 2840 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:40:38.0780 2840 Mup - ok

16:40:39.0435 2840 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:40:39.0497 2840 NativeWifiP - ok

16:40:39.0622 2840 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

16:40:39.0653 2840 NDIS - ok

16:40:39.0731 2840 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:40:39.0794 2840 NdisCap - ok

16:40:39.0919 2840 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:40:39.0981 2840 NdisTapi - ok

16:40:40.0121 2840 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:40:40.0184 2840 Ndisuio - ok

16:40:40.0231 2840 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:40:40.0293 2840 NdisWan - ok

16:40:40.0340 2840 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:40:40.0418 2840 NDProxy - ok

16:40:40.0480 2840 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:40:40.0543 2840 NetBIOS - ok

16:40:40.0605 2840 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:40:40.0667 2840 NetBT - ok

16:40:40.0917 2840 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

16:40:41.0135 2840 netw5v64 - ok

16:40:41.0245 2840 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:40:41.0260 2840 nfrd960 - ok

16:40:41.0307 2840 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:40:41.0385 2840 Npfs - ok

16:40:41.0479 2840 NPPTNT2 - ok

16:40:41.0557 2840 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:40:41.0619 2840 nsiproxy - ok

16:40:41.0822 2840 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:40:41.0916 2840 Ntfs - ok

16:40:41.0931 2840 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:40:42.0009 2840 Null - ok

16:40:42.0399 2840 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:40:42.0415 2840 nvraid - ok

16:40:42.0493 2840 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:40:42.0508 2840 nvstor - ok

16:40:42.0555 2840 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:40:42.0571 2840 nv_agp - ok

16:40:42.0649 2840 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:40:42.0711 2840 ohci1394 - ok

16:40:42.0774 2840 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:40:42.0789 2840 Parport - ok

16:40:42.0852 2840 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

16:40:42.0852 2840 partmgr - ok

16:40:42.0945 2840 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:40:42.0961 2840 pci - ok

16:40:43.0008 2840 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:40:43.0039 2840 pciide - ok

16:40:43.0070 2840 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:40:43.0086 2840 pcmcia - ok

16:40:43.0117 2840 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:40:43.0117 2840 pcw - ok

16:40:43.0164 2840 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:40:43.0242 2840 PEAUTH - ok

16:40:43.0366 2840 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:40:43.0444 2840 PptpMiniport - ok

16:40:43.0491 2840 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:40:43.0538 2840 Processor - ok

16:40:43.0632 2840 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:40:43.0694 2840 Psched - ok

16:40:43.0772 2840 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:40:43.0834 2840 ql2300 - ok

16:40:44.0006 2840 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:40:44.0022 2840 ql40xx - ok

16:40:44.0053 2840 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:40:44.0115 2840 QWAVEdrv - ok

16:40:44.0131 2840 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:40:44.0287 2840 RasAcd - ok

16:40:44.0334 2840 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:40:44.0380 2840 RasAgileVpn - ok

16:40:44.0443 2840 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:40:44.0536 2840 Rasl2tp - ok

16:40:44.0646 2840 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:40:44.0817 2840 RasPppoe - ok

16:40:45.0192 2840 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:40:45.0270 2840 RasSstp - ok

16:40:45.0379 2840 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:40:45.0441 2840 rdbss - ok

16:40:45.0488 2840 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:40:45.0691 2840 rdpbus - ok

16:40:45.0847 2840 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:40:45.0925 2840 RDPCDD - ok

16:40:46.0065 2840 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:40:46.0143 2840 RDPENCDD - ok

16:40:46.0190 2840 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:40:46.0221 2840 RDPREFMP - ok

16:40:46.0284 2840 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

16:40:46.0330 2840 RDPWD - ok

16:40:46.0393 2840 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:40:46.0408 2840 rdyboost - ok

16:40:46.0486 2840 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:40:46.0549 2840 rspndr - ok

16:40:46.0674 2840 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\Windows\system32\Drivers\RtsUStor.sys

16:40:46.0689 2840 RSUSBSTOR - ok

16:40:46.0830 2840 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

16:40:46.0845 2840 RTL8167 - ok

16:40:47.0001 2840 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:40:47.0017 2840 sbp2port - ok

16:40:47.0110 2840 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:40:47.0188 2840 scfilter - ok

16:40:47.0485 2840 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

16:40:47.0547 2840 sdbus - ok

16:40:47.0672 2840 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:40:47.0781 2840 secdrv - ok

16:40:47.0906 2840 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:40:47.0968 2840 Serenum - ok

16:40:48.0015 2840 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:40:48.0031 2840 Serial - ok

16:40:48.0093 2840 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:40:48.0140 2840 sermouse - ok

16:40:48.0234 2840 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:40:48.0296 2840 sffdisk - ok

16:40:48.0343 2840 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:40:48.0374 2840 sffp_mmc - ok

16:40:48.0405 2840 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:40:48.0483 2840 sffp_sd - ok

16:40:48.0530 2840 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:40:48.0530 2840 sfloppy - ok

16:40:48.0592 2840 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:40:48.0608 2840 SiSRaid2 - ok

16:40:48.0624 2840 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:40:48.0639 2840 SiSRaid4 - ok

16:40:48.0686 2840 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:40:48.0748 2840 Smb - ok

16:40:48.0889 2840 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:40:48.0889 2840 spldr - ok

16:40:48.0967 2840 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:40:49.0076 2840 srv - ok

16:40:49.0201 2840 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:40:49.0232 2840 srv2 - ok

16:40:49.0294 2840 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

16:40:49.0341 2840 SrvHsfHDA - ok

16:40:49.0388 2840 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

16:40:49.0482 2840 SrvHsfV92 - ok

16:40:49.0591 2840 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

16:40:49.0622 2840 SrvHsfWinac - ok

16:40:49.0684 2840 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:40:49.0716 2840 srvnet - ok

16:40:49.0872 2840 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:40:49.0887 2840 stexstor - ok

16:40:50.0028 2840 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

16:40:50.0043 2840 swenum - ok

16:40:50.0230 2840 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys

16:40:50.0246 2840 SynTP - ok

16:40:50.0386 2840 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys

16:40:50.0386 2840 tbhsd - ok

16:40:50.0480 2840 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

16:40:50.0558 2840 Tcpip - ok

16:40:50.0714 2840 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

16:40:50.0745 2840 TCPIP6 - ok

16:40:50.0823 2840 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:40:50.0870 2840 tcpipreg - ok

16:40:50.0979 2840 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:40:51.0057 2840 TDPIPE - ok

16:40:51.0166 2840 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

16:40:51.0229 2840 TDTCP - ok

16:40:51.0307 2840 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:40:51.0338 2840 tdx - ok

16:40:51.0400 2840 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

16:40:51.0416 2840 TermDD - ok

16:40:51.0510 2840 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:40:51.0588 2840 tssecsrv - ok

16:40:51.0666 2840 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:40:51.0697 2840 TsUsbFlt - ok

16:40:51.0822 2840 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:40:51.0900 2840 tunnel - ok

16:40:51.0946 2840 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:40:51.0962 2840 uagp35 - ok

16:40:52.0024 2840 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:40:52.0087 2840 udfs - ok

16:40:52.0149 2840 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:40:52.0165 2840 uliagpkx - ok

16:40:52.0227 2840 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

16:40:52.0290 2840 umbus - ok

16:40:52.0352 2840 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:40:52.0414 2840 UmPass - ok

16:40:52.0508 2840 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

16:40:52.0539 2840 usbccgp - ok

16:40:52.0602 2840 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:40:52.0648 2840 usbcir - ok

16:40:52.0742 2840 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

16:40:52.0789 2840 usbehci - ok

16:40:52.0867 2840 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys

16:40:52.0882 2840 usbfilter - ok

16:40:52.0960 2840 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:40:53.0007 2840 usbhub - ok

16:40:53.0054 2840 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

16:40:53.0085 2840 usbohci - ok

16:40:53.0132 2840 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:40:53.0179 2840 usbprint - ok

16:40:53.0241 2840 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:40:53.0288 2840 USBSTOR - ok

16:40:53.0304 2840 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

16:40:53.0350 2840 usbuhci - ok

16:40:53.0491 2840 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

16:40:53.0522 2840 usbvideo - ok

16:40:53.0600 2840 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:40:53.0616 2840 vdrvroot - ok

16:40:53.0662 2840 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:40:53.0678 2840 vga - ok

16:40:53.0709 2840 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:40:53.0772 2840 VgaSave - ok

16:40:53.0834 2840 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:40:53.0850 2840 vhdmp - ok

16:40:53.0865 2840 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:40:53.0881 2840 viaide - ok

16:40:53.0928 2840 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:40:53.0943 2840 volmgr - ok

16:40:54.0006 2840 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:40:54.0021 2840 volmgrx - ok

16:40:54.0052 2840 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:40:54.0068 2840 volsnap - ok

16:40:54.0130 2840 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:40:54.0146 2840 vsmraid - ok

16:40:54.0177 2840 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

16:40:54.0208 2840 vwifibus - ok

16:40:54.0255 2840 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

16:40:54.0318 2840 vwififlt - ok

16:40:54.0427 2840 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

16:40:54.0458 2840 vwifimp - ok

16:40:54.0489 2840 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:40:54.0536 2840 WacomPen - ok

16:40:54.0614 2840 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:40:54.0676 2840 WANARP - ok

16:40:54.0708 2840 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:40:54.0739 2840 Wanarpv6 - ok

16:40:54.0879 2840 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:40:54.0879 2840 Wd - ok

16:40:54.0926 2840 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:40:54.0957 2840 Wdf01000 - ok

16:40:55.0144 2840 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:40:55.0176 2840 WfpLwf - ok

16:40:55.0207 2840 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:40:55.0222 2840 WIMMount - ok

16:40:55.0425 2840 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

16:40:55.0488 2840 WinUsb - ok

16:40:55.0534 2840 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

16:40:55.0581 2840 WmiAcpi - ok

16:40:55.0644 2840 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:40:55.0706 2840 ws2ifsl - ok

16:40:55.0784 2840 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

16:40:55.0846 2840 WudfPf - ok

16:40:55.0987 2840 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:40:56.0065 2840 WUDFRd - ok

16:40:56.0158 2840 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

16:40:56.0205 2840 yukonw7 - ok

16:40:56.0283 2840 MBR (0x1B8) (c7c5a62a86001f377a0ba5fd78832cb9) \Device\Harddisk0\DR0

16:40:56.0361 2840 \Device\Harddisk0\DR0 - ok

16:40:56.0408 2840 Boot (0x1200) (f9f904bdb3f62284fa5a3469b7bb1f57) \Device\Harddisk0\DR0\Partition0

16:40:56.0408 2840 \Device\Harddisk0\DR0\Partition0 - ok

16:40:56.0424 2840 Boot (0x1200) (479558340bf6f6aa3a07fb4de2a3dcc9) \Device\Harddisk0\DR0\Partition1

16:40:56.0424 2840 \Device\Harddisk0\DR0\Partition1 - ok

16:40:56.0455 2840 Boot (0x1200) (82fd8e2bb8025e546e693a680478f8df) \Device\Harddisk0\DR0\Partition2

16:40:56.0470 2840 \Device\Harddisk0\DR0\Partition2 - ok

16:40:56.0486 2840 Boot (0x1200) (9419597aa33157577c1bc23e78202911) \Device\Harddisk0\DR0\Partition3

16:40:56.0486 2840 \Device\Harddisk0\DR0\Partition3 - ok

16:40:56.0502 2840 ============================================================

16:40:56.0502 2840 Scan finished

16:40:56.0502 2840 ============================================================

16:40:56.0517 2872 Detected object count: 0

16:40:56.0517 2872 Actual detected object count: 0

16:41:53.0083 4548 Deinitialize success


Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Most likely a rootkit. The problem is that neither TDSSKiller nor ComboFix found or removed anything to show exactly what the infection is. At startup, ComboFix restores some settings that most malware changes. I guess that is what had an effect.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
