
Help: Guard Online and Redirect Virus


Ashmi


Hello Experts,

My system is currently infected with Guard Online and Redirect viruses. Whenever I get a virus I'm usually able to clean it up myself but this instance has me extremely worried. Especially since I did some things that may have made things even worse.

Prior to getting the Guard Online virus, my system was infected with the Redirect virus. I don't have a television so I like going to sites to watch live streams of shows. At that point I should have been figuring out a way to get rid of it before things got serious, which may have been why I got the Guard Online virus (not sure).

I'm currently running Windows Vista in Safe Mode with networking. I pretty much can't do anything in regular mode because it's so slow and the virus keeps popping up. When I tried a system restore I noticed that it would not let me choose a restore point older than a few days. I ran Malwarebytes and it was able to find a few infections but I don't think it was able to remove Guard Online and Redirect because they were still present on my system after restart. After that, I tried updating but I got this error 'An error has occurred MBAM_ERROR_UPDATING(2, 0, CreateFile'. Then I tried updating by way of download, which also didn't work. Then, I just tried reinstalling Malwarebytes and got an 'Access is denied' error.

I don't know how I would go about doing a HijackThis log because it's apparently not letting me install anything. Actually I tried but I can't remember what happened. I did the ComboFix (I don't know if I was supposed to but I attached the log anyway).

At this point I don't know what else to do.

log.txt


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

-screen317
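For anyone reading such a log rather than producing it, here is an added example (not part of the original thread and not the tool's own code) that parses the log file name pattern given above and pairs each scanned driver with its verdict so that anything not marked "ok" stands out. Assumptions: the date in the name is dd.mm.yyyy (inferred from the example name), each driver appears as an object line (name, MD5, path) followed by a `name - verdict` line, and the `ExampleDrv` entry with its verdict string is constructed sample data.

```python
import re
from datetime import datetime
from ntpath import basename  # splits Windows paths correctly on any OS

# Name pattern from the post: UtilityName.Version_Date_Time_log.txt
LOG_NAME = re.compile(
    r"^(?P<utility>[A-Za-z]+)\.(?P<version>\d+(?:\.\d+)*)_"
    r"(?P<date>\d{2}\.\d{2}\.\d{4})_(?P<time>\d{2}\.\d{2}\.\d{2})_log\.txt$"
)

# Assumed object line: "<time> <thread id> <name> (<md5>) <path>"
OBJECT_LINE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<name>\S+)\s+"
    r"\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$"
)

# Assumed verdict line: "<time> <thread id> <name> - <verdict>"
VERDICT_LINE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<name>\S+)\s+-\s+(?P<verdict>.+)$"
)


def parse_log_name(path):
    """Split a log file name into utility, version and creation time."""
    m = LOG_NAME.match(basename(path))
    if m is None:
        raise ValueError("not a UtilityName.Version_Date_Time_log.txt name")
    written = datetime.strptime(
        m["date"] + " " + m["time"], "%d.%m.%Y %H.%M.%S"
    )
    return {"utility": m["utility"], "version": m["version"], "written": written}


def parse_scan(text):
    """Return one entry per verdict line, joined to its object line if any."""
    entries, pending = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue  # forum copies are often double-spaced
        obj = OBJECT_LINE.match(line)
        if obj:
            pending[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        ver = VERDICT_LINE.match(line)
        if ver:
            # Some services are reported without a file on disk.
            md5, path = pending.pop(ver["name"], (None, None))
            entries.append({
                "name": ver["name"],
                "md5": md5,
                "path": path,
                "verdict": ver["verdict"].strip(),
            })
    return entries


def needs_review(entries):
    """Everything whose verdict is not exactly 'ok'."""
    return [e for e in entries if e["verdict"].lower() != "ok"]


# Constructed sample in the log's line format. The last entry, its all-zero
# hash and its verdict text are placeholders, not real tool output.
SAMPLE_LOG = r"""
18:20:43.0524 1740 Scan started

18:20:43.0971 1740 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys

18:20:43.0971 1740 Accelerometer - ok

18:20:47.0874 1740 dump_wmimmc - ok

18:20:48.0349 1740 eeCtrl (a7fbc38c1f6f3df3f1e21b8933e76e7c) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

18:20:48.0356 1740 eeCtrl - ok

18:20:49.0000 1740 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\exampledrv.sys

18:20:49.0001 1740 ExampleDrv - EXAMPLE-NON-OK-VERDICT
"""

if __name__ == "__main__":
    info = parse_log_name(r"C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt")
    print(info["utility"], info["version"], info["written"].isoformat())
    for entry in needs_review(parse_scan(SAMPLE_LOG)):
        print("review:", entry["name"], entry["verdict"], entry["path"])
```
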


18:20:04.0932 1188 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24

18:20:05.0299 1188 ============================================================

18:20:05.0299 1188 Current date / time: 2011/10/14 18:20:05.0299

18:20:05.0299 1188 SystemInfo:

18:20:05.0299 1188

18:20:05.0299 1188 OS Version: 6.0.6002 ServicePack: 2.0

18:20:05.0299 1188 Product type: Workstation

18:20:05.0299 1188 ComputerName: ASHLEIGH-PC

18:20:05.0300 1188 UserName: HOTTEST

18:20:05.0300 1188 Windows directory: C:\Windows

18:20:05.0300 1188 System windows directory: C:\Windows

18:20:05.0300 1188 Running under WOW64

18:20:05.0300 1188 Processor architecture: Intel x64

18:20:05.0300 1188 Number of processors: 2

18:20:05.0300 1188 Page size: 0x1000

18:20:05.0300 1188 Boot type: Safe boot with network

18:20:05.0300 1188 ============================================================

18:20:07.0037 1188 Initialize success

18:20:43.0524 1740 ============================================================

18:20:43.0524 1740 Scan started

18:20:43.0524 1740 Mode: Manual;

18:20:43.0524 1740 ============================================================


18:21:01.0219 1740 USBSTOR - ok

18:21:01.0271 1740 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys

18:21:01.0272 1740 usbuhci - ok

18:21:01.0343 1740 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys

18:21:01.0346 1740 usbvideo - ok

18:21:01.0420 1740 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys

18:21:01.0421 1740 VClone - ok

18:21:01.0571 1740 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys

18:21:01.0573 1740 vga - ok

18:21:01.0648 1740 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys

18:21:01.0649 1740 VgaSave - ok

18:21:01.0664 1740 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys

18:21:01.0666 1740 viaide - ok

18:21:01.0703 1740 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys

18:21:01.0705 1740 volmgr - ok

18:21:01.0781 1740 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys

18:21:01.0787 1740 volmgrx - ok

18:21:01.0843 1740 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys

18:21:01.0847 1740 volsnap - ok

18:21:01.0901 1740 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys

18:21:01.0904 1740 vsmraid - ok

18:21:01.0931 1740 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys

18:21:01.0933 1740 WacomPen - ok

18:21:01.0985 1740 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

18:21:01.0988 1740 Wanarp - ok

18:21:01.0991 1740 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

18:21:01.0992 1740 Wanarpv6 - ok

18:21:02.0010 1740 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys

18:21:02.0012 1740 Wd - ok

18:21:02.0094 1740 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys

18:21:02.0106 1740 Wdf01000 - ok

18:21:02.0272 1740 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys

18:21:02.0273 1740 WmiAcpi - ok

18:21:02.0319 1740 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys

18:21:02.0321 1740 WpdUsb - ok

18:21:02.0344 1740 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys

18:21:02.0345 1740 ws2ifsl - ok

18:21:02.0427 1740 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys

18:21:02.0430 1740 WUDFRd - ok

18:21:02.0568 1740 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys

18:21:02.0573 1740 yukonx64 - ok

18:21:02.0689 1740 {55662437-DA8C-40c0-AADA-2C816A897A49} (15cc7077d2dc28776cd430ecabbffd66) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

18:21:02.0692 1740 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

18:21:02.0723 1740 MBR (0x1B8) (b89f3c286823d91bfe3b1f3726e2eb81) \Device\Harddisk0\DR0

18:21:02.0723 1740 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

18:21:02.0723 1740 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

18:21:03.0378 1740 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1

18:21:03.0385 1740 \Device\Harddisk1\DR1 - ok

18:21:03.0432 1740 Boot (0x1200) (cead4ce2578bee1165dd63076e3b8c55) \Device\Harddisk0\DR0\Partition0

18:21:03.0433 1740 \Device\Harddisk0\DR0\Partition0 - ok

18:21:03.0464 1740 Boot (0x1200) (dd8c6a083d89d1831df6043b4983debc) \Device\Harddisk0\DR0\Partition1

18:21:03.0465 1740 \Device\Harddisk0\DR0\Partition1 - ok

18:21:03.0468 1740 Boot (0x1200) (d2adf4b6d5608101ad630ee4e561b673) \Device\Harddisk1\DR1\Partition0

18:21:03.0469 1740 \Device\Harddisk1\DR1\Partition0 - ok

18:21:03.0470 1740 ============================================================

18:21:03.0470 1740 Scan finished

18:21:03.0470 1740 ============================================================

18:21:03.0480 1376 Detected object count: 1

18:21:03.0480 1376 Actual detected object count: 1

18:21:33.0450 1376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

18:21:33.0451 1376 \Device\Harddisk0\DR0 - ok

18:21:33.0452 1376 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

18:22:07.0347 0796 Deinitialize success


  • Staff

Hi,

Try this instead:

Download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double-click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you: one will pop up (OTL.txt), and the other will be saved on your Desktop (Extras.txt). Post both logs in this thread.
  • You may need to use two posts to get it all.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
