
ESET NOD32 A/V continuously blocking attempted connections to clkh71yhks66.com and zl00zxcv1.com



Hey all,

I'm actually having the same issue as this user: http://forums.malwarebytes.org/lofiversion...php?t57224.html

Every time I open up Firefox, ESET NOD32 keeps displaying a notification that it has blocked an address, usually from an IP address of 61.212.226.179, with a URL of gth656yhyk7jk765rsghzl00zxcv1.com. Next time I will do a print screen.

NOD32 keeps blocking the address. Can anyone give me any advice? Thank you!

I know that Borislav (Minacs) helped someone from here


At the bottom right you can see it


Hello Chocobo1984! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step. If there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware while we work on this.
  • Keep me informed about any changes.

Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

  • :\_OTL\Moved Files
    • in most cases this will be C:\_OTL\Moved Files

In your next reply, please include these log(s):

  1. Malwarebytes' Anti-Malware log
  2. OTL log with Extras.txt


  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:files
C:\Users\Chocobo1984\AppData\Local\Wvecimakigej.dat
C:\Users\Chocobo1984\AppData\Local\Xbohipavurog.bin

:Commands
[purity]
[emptytemp]
[resethosts]

  • Then click the Run Fix button at the top
  • Let the program run unhindered. When it is done it will say "Fix Complete press ok to open log"
  • Please post that log in your next reply.


I don't understand this one

Can you find me an English OTL?

You want me to redo OTL?

When I checked the OTL.txt files I did not find the code that you have posted


@kredda, this script is not for you!!!

@Chocobo1984, you kidding me....

My second step for you was to download OTL and save it on your Desktop. I want to run this tool again (OTL.exe on your desktop), to post this script in the white empty box.

Do you need a screenshot?


Sorry, because I have the French version and I went to see the English version and I did understand what you are saying. I was searching for custom but in French it was personnalisation, that's why I did not understand where to put the "codes"


All processes killed

========== FILES ==========

C:\Users\Chocobo1984\AppData\Local\Wvecimakigej.dat moved successfully.

C:\Users\Chocobo1984\AppData\Local\Xbohipavurog.bin moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chocobo1984

->Temp folder emptied: 118921663 bytes

->Temporary Internet Files folder emptied: 56065633 bytes

->Java cache emptied: 48766 bytes

->FireFox cache emptied: 90858719 bytes

->Flash cache emptied: 2866077 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 2358078 bytes

RecycleBin emptied: 5084688 bytes

Total Files Cleaned = 263,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.17.3 log created on 12202010_222748

Files\Folders moved on Reboot...

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DF07DB11AD13424111.TMP not found!

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DF234548AF659CA8B6.TMP not found!

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DF48F67DFE6E2CF262.TMP not found!

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DF89A90AE336E3A060.TMP not found!

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DFBA857A9FF1F0F8E2.TMP not found!

File\Folder C:\Users\Chocobo1984\AppData\Local\Temp\~DFEE2DADE4C12411EF.TMP not found!

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GD2B0FP2\ads[9].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GD2B0FP2\reply[1].html moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GD2B0FP2\search[4].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DT7D6ZZI\1036609180[1].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DT7D6ZZI\getSegment[1].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DT7D6ZZI\getSegment[2].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DT7D6ZZI\recommendations[1].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ASWPF148\login_status[4].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ASWPF148\otl-by-oldtimer-a-modern-replacement-for-hijackthis[1].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ASWPF148\stats[1].html moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01O23TUT\1036609180[1].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01O23TUT\ads[7].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01O23TUT\index[2].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01O23TUT\index[3].htm moved successfully.

C:\Users\Chocobo1984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

File\Folder C:\Windows\temp\JETF640.tmp not found!

Registry entries deleted on Reboot...


**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer.**

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.
  2. During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

-----------------------------------------------------------

  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

  7. Double click on combo-Fix.exe & follow the prompts.
  8. When finished, it will produce a report for you.
  9. Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


I had a lot of issues installing Comodo fix. I did like you do: rename to Combo-Fix and save it to my desktop. Once double-clicked it ran to like 100% and did nothing, and 2 times it froze and 4 times the blue screen appeared (you know, the blue screen of memory that counts 0 to 100) and restarted the computer.

Then I decided to go into safe mode and run it. It worked, but then it showed me this message

post-62752-1293029274_thumb.png

But I had already closed Comodo the firewall. Then I did the same thing twice; after reboot I decided to uninstall Comodo Firewall. Once uninstalled, I went back to safe mode and it did the same thing, showing that anti-spyware Comodo defense should be closed. Then I think I rebooted again and it finally worked after more than 1 hour.

Here is the LOG

Oh, I did re-install my firewall after Combo-Fix worked

ComboFix 10-12-16.05 - Chocobo1984 2010-12-21 22:28:00.1.2 - x86 MINIMAL

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.2038.1401 [GMT -5:00]

Lanc


You did a very nice job! :lol:

Open Notepad and copy and paste the text in the code box below into it:

FCopy::
c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll | c:\windows\System32\user32.dll

Save the file to your desktop and name it CFScript.txt

Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.


Oh man, ComboFix and Comodo firewall are giving a hard time.

The first time I dragged it, after Comodo firewall let it authorize, the blue screen appeared instantly after.

Once it had rebooted I tried again and it rebooted again. OMG

OK, I had enough. I went to safe mode and it froze there for 5 min... I rebooted again in safe mode

And this time it worked, but it says the same thing, that Antispyware Comodo is active, but in the processes it's not there and I only installed Comodo firewall, not antispyware

Then I decided to go into Windows to get rid of Comodo firewall; till this issue is finished I will not re-install it.

I don't know what is wrong but maybe my laptop is overheating. Got the bluescreen 2-3 times again in safe mode, OMG.

After 2-3 blue screens in safe mode again I decided to let the laptop rest 10 min.

I decided to put back Comodo firewall, checked on Google how to disable the Defense+ and finally after 2h30 IT WORKED. THERE YOU GO for the LOG HAHA!!

Oh, by the way, it did not ask me to reboot. I saved the log and rebooted

ComboFix 10-12-16.05 - Chocobo1984 2010-12-23 11:49:38.2.2 - x86 MINIMAL

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.2038.1305 [GMT -5:00]

Lanc


I did check on the log at the beginning I can see

FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Mention: I did not deactivate both because I thought in safe mode it would not run those, as I checked in Task Manager and Processes and I did not see them


Okay, I tried and it bugged like 10 times yesterday; I've seen the bluescreen more than 10 times!!

Now I know why it did not work when I dragged the file

Because I copied and pasted into Notepad, but normally when you copy into Notepad it's supposed to be 1 line; but me, I went to the end and after | pressed enter so the c: could be underneath like you wrote

C: and the path

C: and the path

like this, and that's why it bugged to the bluescreen OMG

Here's the file, thanks for your patience

ComboFix 10-12-23.05 - Chocobo1984 2010-12-24 9:36.3.2 - x86 MINIMAL

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.2038.1339 [GMT -5:00]

Lanc
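The line-break mistake described in the post above can be caught before the file is dragged onto ComboFix. The check below is an added example, not part of the thread or of ComboFix itself; it assumes, from the one script shown on this page, that a section header ends in `::` and that every `FCopy::` entry is a single `source | destination` line. `check_fcopy` is a hypothetical helper name.

```python
import re

# Assumption taken from the script on this page: a section header is a word
# followed by "::" on its own line (e.g. "FCopy::").
SECTION_RE = re.compile(r"^\s*([A-Za-z]+)::\s*$")
# A drive-letter path such as c:\windows\System32\user32.dll
PATH_RE = re.compile(r"^[A-Za-z]:\\\S")


def check_fcopy(script_text):
    """Return (line_number, message) for every malformed FCopy:: entry."""
    problems = []
    in_fcopy = False
    for number, raw in enumerate(script_text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            in_fcopy = header.group(1).lower() == "fcopy"
            continue
        if not in_fcopy:
            continue  # other sections are outside the scope of this check
        parts = [p.strip() for p in line.split("|")]
        if len(parts) != 2:
            problems.append(
                (number, "expected 'source | destination' on one line"))
        elif not parts[0] or not parts[1]:
            problems.append(
                (number, "path missing next to '|' (entry split across lines?)"))
        elif not all(PATH_RE.match(p) for p in parts):
            problems.append(
                (number, "source and destination must be drive-letter paths"))
    return problems


# The script exactly as given earlier in the thread: one entry, one line.
GOOD = (
    "FCopy::\n"
    r"c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_"
    r"6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll"
    r" | c:\windows\System32\user32.dll"
    "\n"
)

# Constructed sample: the same script with Enter pressed after the "|",
# which is the edit the poster says he made in Notepad.
WRAPPED = GOOD.replace(" | ", " |\n")

if __name__ == "__main__":
    for name, text in (("as posted", GOOD), ("wrapped", WRAPPED)):
        found = check_fcopy(text)
        print(name, "->", "OK" if not found else found)
```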


Good! :)

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, change it to Cure and then click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply

Note: It will also create a log in the C:\ directory.


There you go my friend

2010/12/24 11:57:36.0086 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2010/12/24 11:57:36.0086 ================================================================================

2010/12/24 11:57:36.0086 SystemInfo:

2010/12/24 11:57:36.0086

2010/12/24 11:57:36.0086 OS Version: 6.1.7600 ServicePack: 0.0

2010/12/24 11:57:36.0086 Product type: Workstation

2010/12/24 11:57:36.0086 ComputerName: CHOCOBO1984-PC

2010/12/24 11:57:36.0086 UserName: Chocobo1984

2010/12/24 11:57:36.0086 Windows directory: C:\Windows

2010/12/24 11:57:36.0086 System windows directory: C:\Windows

2010/12/24 11:57:36.0086 Processor architecture: Intel x86

2010/12/24 11:57:36.0086 Number of processors: 2

2010/12/24 11:57:36.0086 Page size: 0x1000

2010/12/24 11:57:36.0086 Boot type: Normal boot

2010/12/24 11:57:36.0086 ================================================================================

2010/12/24 11:57:37.0584 Initialize success

2010/12/24 11:58:01.0624 ================================================================================

2010/12/24 11:58:01.0624 Scan started

2010/12/24 11:58:01.0624 Mode: Manual;

2010/12/24 11:58:01.0624 ================================================================================


2010/12/24 11:58:12.0014 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

2010/12/24 11:58:12.0076 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

2010/12/24 11:58:12.0170 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/12/24 11:58:12.0232 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

2010/12/24 11:58:12.0264 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

2010/12/24 11:58:12.0310 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

2010/12/24 11:58:12.0388 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

2010/12/24 11:58:12.0482 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

2010/12/24 11:58:12.0560 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

2010/12/24 11:58:12.0654 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/12/24 11:58:12.0685 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/12/24 11:58:12.0716 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/12/24 11:58:12.0778 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

2010/12/24 11:58:12.0841 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

2010/12/24 11:58:12.0903 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

2010/12/24 11:58:13.0200 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys

2010/12/24 11:58:13.0418 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

2010/12/24 11:58:13.0480 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

2010/12/24 11:58:13.0558 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

2010/12/24 11:58:13.0621 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys

2010/12/24 11:58:13.0714 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

2010/12/24 11:58:13.0761 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys

2010/12/24 11:58:13.0792 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys

2010/12/24 11:58:13.0855 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

2010/12/24 11:58:13.0870 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

2010/12/24 11:58:13.0995 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

2010/12/24 11:58:14.0026 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

2010/12/24 11:58:14.0089 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

2010/12/24 11:58:14.0151 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

2010/12/24 11:58:14.0214 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

2010/12/24 11:58:14.0276 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

2010/12/24 11:58:14.0323 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

2010/12/24 11:58:14.0370 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

2010/12/24 11:58:14.0557 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

2010/12/24 11:58:14.0604 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

2010/12/24 11:58:14.0697 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

2010/12/24 11:58:14.0760 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\Windows\system32\Drivers\PxHelp20.sys

2010/12/24 11:58:14.0838 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

2010/12/24 11:58:14.0962 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

2010/12/24 11:58:15.0025 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

2010/12/24 11:58:15.0103 R5U870FLx86 (1839c6db8c49d1911d946f1b3383ef6a) C:\Windows\system32\Drivers\R5U870FLx86.sys

2010/12/24 11:58:15.0181 R5U870FUx86 (8f80f66afcaaf743418a2e7ee593db3c) C:\Windows\system32\Drivers\R5U870FUx86.sys

2010/12/24 11:58:15.0243 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

2010/12/24 11:58:15.0337 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

2010/12/24 11:58:15.0399 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/12/24 11:58:15.0446 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/12/24 11:58:15.0508 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

2010/12/24 11:58:15.0586 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

2010/12/24 11:58:15.0649 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

2010/12/24 11:58:15.0727 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/12/24 11:58:15.0789 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

2010/12/24 11:58:15.0836 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

2010/12/24 11:58:15.0867 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

2010/12/24 11:58:15.0945 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

2010/12/24 11:58:15.0992 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

2010/12/24 11:58:16.0070 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys

2010/12/24 11:58:16.0148 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

2010/12/24 11:58:16.0195 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

2010/12/24 11:58:16.0304 SASDIFSV (bfbc4be8d6ac6d33ad93f3f5f2e11499) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

2010/12/24 11:58:16.0335 SASENUM (e9c2d75c748c3f0a4c34d6cf2ae1d754) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS

2010/12/24 11:58:16.0382 SASKUTIL (4731a1b8a79b19cad8e2cfdc7b7d82d4) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

2010/12/24 11:58:16.0476 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

2010/12/24 11:58:16.0522 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

2010/12/24 11:58:16.0585 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2010/12/24 11:58:16.0647 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

2010/12/24 11:58:16.0694 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

2010/12/24 11:58:16.0741 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

2010/12/24 11:58:16.0850 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

2010/12/24 11:58:16.0866 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2010/12/24 11:58:16.0897 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys

2010/12/24 11:58:16.0928 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

2010/12/24 11:58:17.0006 shpf (571aed0899d559671672ea9da3fdf4cf) C:\Windows\system32\DRIVERS\shpf.sys

2010/12/24 11:58:17.0068 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

2010/12/24 11:58:17.0146 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2010/12/24 11:58:17.0209 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

2010/12/24 11:58:17.0287 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

2010/12/24 11:58:17.0380 SNC (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys

2010/12/24 11:58:17.0474 SonyImgF (2f30c6ec1904cdb6f32ca69622726eb4) C:\Windows\system32\DRIVERS\SonyImgF.sys

2010/12/24 11:58:17.0552 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys

2010/12/24 11:58:17.0630 SPI (6832cda4c9336294df1df124f6627b6c) C:\Windows\system32\DRIVERS\SonyPI.sys

2010/12/24 11:58:17.0708 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

2010/12/24 11:58:17.0848 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys

2010/12/24 11:58:17.0848 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

2010/12/24 11:58:17.0848 sptd - detected Locked file (1)

2010/12/24 11:58:23.0012 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)

2010/12/24 11:58:23.0028 ================================================================================

2010/12/24 11:58:23.0028 Scan finished

2010/12/24 11:58:23.0028 ================================================================================

2010/12/24 11:58:23.0028 Detected object count: 2

2010/12/24 12:10:13.0299 Locked file(sptd) - User select action: Skip

2010/12/24 12:10:13.0393 \HardDisk0 - will be cured after reboot

2010/12/24 12:10:13.0424 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure

2010/12/24 12:10:40.0097 Deinitialize success

The last msg was on the C: drive.

This is when I click on Report after executing the software:

2010/12/24 12:16:11.0346 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2010/12/24 12:16:11.0346 ================================================================================

2010/12/24 12:16:11.0346 SystemInfo:

2010/12/24 12:16:11.0346

2010/12/24 12:16:11.0346 OS Version: 6.1.7600 ServicePack: 0.0

2010/12/24 12:16:11.0346 Product type: Workstation

2010/12/24 12:16:11.0346 ComputerName: CHOCOBO1984-PC

2010/12/24 12:16:11.0346 UserName: Chocobo1984

2010/12/24 12:16:11.0346 Windows directory: C:\Windows

2010/12/24 12:16:11.0346 System windows directory: C:\Windows

2010/12/24 12:16:11.0346 Processor architecture: Intel x86

2010/12/24 12:16:11.0346 Number of processors: 2

2010/12/24 12:16:11.0346 Page size: 0x1000

2010/12/24 12:16:11.0346 Boot type: Normal boot

2010/12/24 12:16:11.0346 ================================================================================

2010/12/24 12:16:12.0828 Initialize success

This topic is now closed to further replies.