Thread: smitfraud issue, won't delete

  1. #1
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    smitfraud issue, won't delete

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27
    Run by LaviLev at 17:27:36 on 2012-03-06
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4026.2140 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    -netsvcs
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\LaviLev\Downloads\hijackthis.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uWindow Title =
    mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv78&r=273610114505l03f4z135a48m2v28n
    mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv78&r=273610114505l03f4z135a48m2v28n
    mWindow Title =
    uInternet Settings,ProxyOverride = local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [Google Update] "C:\Users\LaviLev\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRunOnce: [SpybotDeletingB2347] command.com /c del "C:\Windows\svchost.exe_old"
    uRunOnce: [SpybotDeletingD6843] cmd.exe /c del "C:\Windows\svchost.exe_old"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
    mRunOnce: [SpybotDeletingA5715] command.com /c del "C:\Windows\svchost.exe_old"
    mRunOnce: [SpybotDeletingC2633] cmd.exe /c del "C:\Windows\svchost.exe_old"
    dRun: [nlsnet] C:\Windows\system32\config\systemprofile\AppData\Roaming\nlsnet.exe
    dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
    StartupFolder: C:\Users\LaviLev\DOCUME~1\Startup\RT-UPD~1.LNK - C:\Ross-Tech\VCDS\VCDS.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AIRMOU~1.LNK - C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
    uPolicies-explorer: NoInstrumentation = 01
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    TCP: DhcpNameServer = 192.168.2.1 192.168.1.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066} : NameServer = 216.254.95.2,4.2.2.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066} : DhcpNameServer = 192.168.2.1 192.168.1.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\05F4C49534F4D4028444 : NameServer = 205.171.3.65,208.67.222.222
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\05F4C49534F4D4028444 : DhcpNameServer = 192.168.2.1 192.168.1.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\2456C6B696E6F574F505C65737F5D494D4F4F5448383834424 : NameServer = 156.154.70.1,4.2.2.3
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\2456C6B696E6F574F505C65737F5D494D4F4F5448383834424 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\2456C6B696E6F5E413F575962756C6563737F5647333033453 : DhcpNameServer = 192.168.2.1 192.168.1.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\A583839373 : NameServer = 216.254.95.2,4.2.2.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\A583839373 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\E4544574541425 : NameServer = 216.254.95.2,4.2.2.1
    TCP: Interfaces\{00BC4D36-12D6-4016-8BC0-DB5C01069066}\E4544574541425 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{3684E32D-4846-436A-B1F8-95238FCB0EFA} : DhcpNameServer = 192.168.2.1 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun-x64: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
    mRunOnce-x64: [SpybotDeletingA5715] command.com /c del "C:\Windows\svchost.exe_old"
    mRunOnce-x64: [SpybotDeletingC2633] cmd.exe /c del "C:\Windows\svchost.exe_old"
    Hosts: 109.163.226.208 www.google-analytics.com.
    Hosts: 109.163.226.208 ad-emea.doubleclick.net.
    Hosts: 109.163.226.208 www.statcounter.com.
    Hosts: 67.215.245.19 www.google-analytics.com.
    Hosts: 67.215.245.19 ad-emea.doubleclick.net.
    .
    Note: multiple HOSTS entries found. Please refer to Attach.txt
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\LaviLev\AppData\Roaming\Mozilla\Firefox\Profiles\hhbrubyw.default\
    FF - prefs.js: browser.startup.homepage - hxxp://forums.vwvortex.com/subscription.php
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?&q=
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\LaviLev\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-8-28 844320]
    S2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-6-4 1150496]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-6 136176]
    S2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
    S2 NovacomD;Palm Novacom;C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [2011-6-24 72192]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-20 62720]
    S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-2 1153368]
    S2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-10-24 520040]
    S2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
    S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    S3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
    S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-6 136176]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RT-USB;Ross-Tech USB driver;C:\Windows\system32\drivers\RT-USB64.SYS --> C:\Windows\system32\drivers\RT-USB64.SYS [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-03-06 20:10:33 20480 ------w- C:\Windows\svchost.exe_old
    2012-03-03 01:42:43 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2012-03-03 01:42:26 -------- d-----w- C:\Windows\PCHEALTH
    2012-03-03 01:38:23 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2012-02-13 02:33:51 -------- d-----w- C:\Program Files\iTunes
    2012-02-13 02:33:51 -------- d-----w- C:\Program Files\iPod
    2012-02-13 02:33:51 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-02-08 06:54:40 -------- d-----w- C:\Users\LaviLev\AppData\Local\{193CE5D9-0571-4DC4-A5DA-3CAA0D51D4FC}
    2012-02-08 06:54:28 -------- d-----w- C:\Users\LaviLev\AppData\Local\{7686645D-E2CE-4E03-98C5-67E66BBBD4AF}
    2012-02-08 06:54:22 -------- d-----w- C:\Users\LaviLev\AppData\Local\{4DDBFCE9-3A2D-4854-A330-E816F49CF53C}
    2012-02-08 06:54:08 -------- d-----w- C:\Users\LaviLev\Tracing
    2012-02-08 06:52:59 -------- d-----w- C:\Windows\en
    2012-02-08 06:46:36 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
    2012-02-08 06:46:36 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
    2012-02-08 06:46:34 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
    2012-02-08 06:46:34 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
    2012-02-08 06:46:07 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
    2012-02-08 06:46:07 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
    2012-02-08 06:45:45 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47d4960b1cce62d12\DSETUP.dll
    2012-02-08 06:45:45 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47d4960b1cce62d12\DXSETUP.exe
    2012-02-08 06:45:45 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47d4960b1cce62d12\dsetup32.dll
    2012-02-08 06:45:42 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\458e47041cce62d11\DSETUP.dll
    2012-02-08 06:45:42 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\458e47041cce62d11\DXSETUP.exe
    2012-02-08 06:45:42 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\458e47041cce62d11\dsetup32.dll
    2012-02-08 06:43:55 -------- d-----w- C:\Users\LaviLev\AppData\Local\Windows Live
    .
    ==================== Find3M ====================
    .
    2012-02-20 14:08:19 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-01-14 04:06:27 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2011-12-16 08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-16 08:46:06 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2011-12-16 07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-16 07:52:58 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2011-12-16 06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-16 06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 17:32:12.99 ===============

  2. #2
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Hi lavilev, welcome to the forum.

    To make cleaning this machine easier
    • Please do not uninstall/install any programs unless asked to
      It is more difficult when files/programs are appearing in/disappearing from the logs.
    • Please do not run any scans other than those requested
    • Please follow all instructions in the order posted
    • All logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, and uncheck Word Wrap if it is checked.
    • Do not attach any logs/reports, etc. unless specifically requested to do so.
    • If you have problems with or do not understand the instructions, please ask before continuing.
    • Please stay with this thread until given the All Clear. An absence of symptoms does not mean a clean machine.


    Let's take a look.

    Download aswMBR.exe to your desktop.

    Double click the aswMBR.exe to run it. If asked to download the Avast database please do so.

    Click the "Scan" button to start scan


    On completion of the scan click save log, save it to your desktop and post in your next reply


    There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

    Please post back with
    • aswMBR log
    • mbr.zip (attached)
    Member of UNITE and ASAP

  3. #3
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    aswMBR

    aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
    Run date: 2012-03-06 19:34:48
    -----------------------------
    19:34:48.928 OS Version: Windows x64 6.1.7601 Service Pack 1
    19:34:48.928 Number of processors: 2 586 0x170A
    19:34:48.929 ComputerName: LAVILEV-PC UserName: LaviLev
    19:34:51.542 Initialize success
    19:35:35.941 AVAST engine defs: 12030600
    19:35:48.853 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
    19:35:48.856 Disk 0 Vendor: WDC_WD6400BEVT-60A0RT0 01.01A01 Size: 610480MB BusType: 11
    19:35:48.859 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
    19:35:48.862 Disk 1 Vendor: TOSHIBA_MK5055GSX FG001J Size: 476940MB BusType: 11
    19:35:48.866 Device \Driver\atapi -> MajorFunction fffffa800511e5c4
    19:35:48.916 Disk 1 MBR read successfully
    19:35:48.920 Disk 1 MBR scan
    19:35:48.926 Disk 1 MBR:Alureon-M [Rtk]
    19:35:48.930 Disk 1 TDL4@MBR code has been found
    19:35:48.934 Disk 1 Windows 7 default MBR code found via API
    19:35:48.940 Disk 1 MBR hidden
    19:35:48.945 Disk 1 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
    19:35:48.964 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
    19:35:48.983 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 366261 MB offset 25382700
    19:35:49.028 Disk 1 Partition 4 00 07 HPFS/NTFS NTFS 98283 MB offset 775487488
    19:35:49.036 Disk 1 MBR [TDL4] **ROOTKIT**
    19:35:49.043 Disk 1 trace - called modules:
    19:35:49.052 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800511e5c4]<<
    19:35:49.059 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004c4b060]
    19:35:49.066 3 CLASSPNP.SYS[fffff880019b843f] -> nt!IofCallDriver -> [0xfffffa8003c755e0]
    19:35:49.074 5 ACPI.sys[fffff88000eee7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003db0680]
    19:35:49.082 \Driver\atapi[0xfffffa800508a550] -> IRP_MJ_CREATE -> 0xfffffa800511e5c4
    19:35:50.871 AVAST engine scan C:\Windows
    19:35:53.837 AVAST engine scan C:\Windows\system32
    19:40:31.722 AVAST engine scan C:\Windows\system32\drivers
    19:40:48.587 AVAST engine scan C:\Users\LaviLev
    20:36:44.673 AVAST engine scan C:\ProgramData
    20:40:53.910 Scan finished successfully
    20:45:19.075 Disk 1 MBR has been saved successfully to "C:\Users\LaviLev\Desktop\FIXME\MBR.dat"
    20:45:19.083 The log file has been saved successfully to "C:\Users\LaviLev\Desktop\FIXME\DDS.txt"
    20:46:59.812 Disk 1 MBR has been saved successfully to "C:\Users\LaviLev\Desktop\MBR.dat"
    20:46:59.820 The log file has been saved successfully to "C:\Users\LaviLev\Desktop\aswMBR.txt"

  4. #4
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Hi lavilev,


    Download the latest version of TDSSKiller from here and save it to your Desktop.


    • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    • Click the Start Scan button.

    • If a suspicious object is detected, the default action will be Skip; click on Continue.

    • If malicious objects are found, they will show in the Scan results and offer three (3) options.
    • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
    Member of UNITE and ASAP

  5. #5
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    TDSSKiller

    21:34:28.0690 5408 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
    21:34:29.0610 5408 ============================================================
    21:34:29.0610 5408 Current date / time: 2012/03/06 21:34:29.0610
    21:34:29.0610 5408 SystemInfo:
    21:34:29.0610 5408
    21:34:29.0610 5408 OS Version: 6.1.7601 ServicePack: 1.0
    21:34:29.0610 5408 Product type: Workstation
    21:34:29.0610 5408 ComputerName: LAVILEV-PC
    21:34:29.0610 5408 UserName: LaviLev
    21:34:29.0610 5408 Windows directory: C:\Windows
    21:34:29.0610 5408 System windows directory: C:\Windows
    21:34:29.0610 5408 Running under WOW64
    21:34:29.0610 5408 Processor architecture: Intel x64
    21:34:29.0610 5408 Number of processors: 2
    21:34:29.0610 5408 Page size: 0x1000
    21:34:29.0610 5408 Boot type: Normal boot
    21:34:29.0610 5408 ============================================================
    21:34:31.0576 5408 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    21:34:35.0117 5408 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    21:34:35.0195 5408 Drive \Device\Harddisk2\DR2 - Size: 0x1ECF00000 (7.70 Gb), SectorSize: 0x200, Cylinders: 0x3ED, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    21:34:35.0211 5408 \Device\Harddisk1\DR1:
    21:34:35.0226 5408 MBR used
    21:34:35.0226 5408 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
    21:34:35.0226 5408 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2CB5A904
    21:34:35.0226 5408 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2E390000, BlocksNum 0xBFF5800
    21:34:35.0226 5408 \Device\Harddisk0\DR0:
    21:34:35.0351 5408 MBR used
    21:34:35.0351 5408 \Device\Harddisk2\DR2:
    21:34:35.0351 5408 MBR used
    21:34:35.0351 5408 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0xF65800
    21:34:35.0507 5408 Initialize success
    21:34:35.0507 5408 ============================================================
    21:35:06.0723 6512 ============================================================
    21:35:06.0723 6512 Scan started
    21:35:06.0723 6512 Mode: Manual; SigCheck; TDLFS;
    21:35:06.0723 6512 ============================================================
    21:35:16.0909 6512 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
    21:35:16.0972 6512 CAXHWAZL - ok
    21:35:17.0097 6512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    21:35:17.0159 6512 cdfs - ok
    21:35:17.0393 6512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    21:35:17.0440 6512 cdrom - ok
    21:35:17.0549 6512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    21:35:17.0580 6512 circlass - ok
    21:35:17.0705 6512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    21:35:17.0736 6512 CLFS - ok
    21:35:17.0955 6512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    21:35:17.0986 6512 CmBatt - ok
    21:35:18.0095 6512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    21:35:18.0111 6512 cmdide - ok
    21:35:18.0282 6512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    21:35:18.0360 6512 CNG - ok
    21:35:18.0547 6512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    21:35:18.0547 6512 Compbatt - ok
    21:35:18.0688 6512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    21:35:18.0735 6512 CompositeBus - ok
    21:35:18.0828 6512 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
    21:35:18.0844 6512 cpudrv64 - ok
    21:35:18.0937 6512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    21:35:18.0953 6512 crcdisk - ok
    21:35:19.0109 6512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    21:35:19.0171 6512 DfsC - ok
    21:35:19.0281 6512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    21:35:19.0343 6512 discache - ok
    21:35:19.0452 6512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    21:35:19.0468 6512 Disk - ok
    21:35:19.0546 6512 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\SysWOW64\Drivers\DKbFltr.sys
    21:35:19.0546 6512 DKbFltr - ok
    21:35:19.0686 6512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    21:35:19.0717 6512 drmkaud - ok
    21:35:19.0827 6512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    21:35:19.0858 6512 DXGKrnl - ok
    21:35:20.0045 6512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    21:35:20.0154 6512 ebdrv - ok
    21:35:20.0279 6512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    21:35:20.0295 6512 elxstor - ok
    21:35:20.0419 6512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    21:35:20.0482 6512 ErrDev - ok
    21:35:20.0622 6512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    21:35:20.0685 6512 exfat - ok
    21:35:20.0887 6512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    21:35:20.0965 6512 fastfat - ok
    21:35:21.0090 6512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    21:35:21.0106 6512 fdc - ok
    21:35:21.0231 6512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    21:35:21.0246 6512 FileInfo - ok
    21:35:21.0355 6512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    21:35:21.0418 6512 Filetrace - ok
    21:35:21.0527 6512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    21:35:21.0543 6512 flpydisk - ok
    21:35:21.0636 6512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    21:35:21.0667 6512 FltMgr - ok
    21:35:21.0777 6512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    21:35:21.0792 6512 FsDepends - ok
    21:35:21.0886 6512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    21:35:21.0901 6512 Fs_Rec - ok
    21:35:22.0026 6512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    21:35:22.0042 6512 fvevol - ok
    21:35:22.0151 6512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    21:35:22.0167 6512 gagp30kx - ok
    21:35:22.0260 6512 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    21:35:22.0276 6512 GEARAspiWDM - ok
    21:35:22.0401 6512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    21:35:22.0463 6512 hcw85cir - ok
    21:35:22.0557 6512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    21:35:22.0619 6512 HdAudAddService - ok
    21:35:22.0728 6512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    21:35:22.0775 6512 HDAudBus - ok
    21:35:22.0884 6512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    21:35:22.0931 6512 HidBatt - ok
    21:35:23.0134 6512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    21:35:23.0181 6512 HidBth - ok
    21:35:23.0290 6512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    21:35:23.0337 6512 HidIr - ok
    21:35:23.0446 6512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    21:35:23.0477 6512 HidUsb - ok
    21:35:23.0571 6512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    21:35:23.0586 6512 HpSAMD - ok
    21:35:23.0727 6512 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
    21:35:23.0789 6512 HSF_DPV - ok
    21:35:23.0929 6512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    21:35:23.0992 6512 HTTP - ok
    21:35:24.0085 6512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    21:35:24.0101 6512 hwpolicy - ok
    21:35:24.0210 6512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    21:35:24.0226 6512 i8042prt - ok
    21:35:24.0351 6512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    21:35:24.0382 6512 iaStorV - ok
    21:35:24.0741 6512 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
    21:35:25.0021 6512 igfx - ok
    21:35:25.0131 6512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    21:35:25.0146 6512 iirsp - ok
    21:35:25.0349 6512 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys
    21:35:25.0427 6512 IntcAzAudAddService - ok
    21:35:25.0552 6512 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
    21:35:25.0614 6512 IntcHdmiAddService - ok
    21:35:25.0708 6512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    21:35:25.0723 6512 intelide - ok
    21:35:25.0833 6512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    21:35:25.0848 6512 intelppm - ok
    21:35:25.0989 6512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    21:35:26.0035 6512 IpFilterDriver - ok
    21:35:26.0160 6512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    21:35:26.0191 6512 IPMIDRV - ok
    21:35:26.0301 6512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    21:35:26.0347 6512 IPNAT - ok
    21:35:26.0472 6512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    21:35:26.0519 6512 IRENUM - ok
    21:35:26.0628 6512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    21:35:26.0644 6512 isapnp - ok
    21:35:26.0753 6512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    21:35:26.0769 6512 iScsiPrt - ok
    21:35:26.0893 6512 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
    21:35:26.0909 6512 k57nd60a - ok
    21:35:27.0049 6512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    21:35:27.0065 6512 kbdclass - ok
    21:35:27.0174 6512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    21:35:27.0205 6512 kbdhid - ok
    21:35:27.0346 6512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    21:35:27.0361 6512 KSecDD - ok
    21:35:27.0517 6512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    21:35:27.0533 6512 KSecPkg - ok
    21:35:27.0767 6512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    21:35:27.0892 6512 ksthunk - ok
    21:35:28.0048 6512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    21:35:28.0095 6512 lltdio - ok
    21:35:28.0219 6512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    21:35:28.0235 6512 LSI_FC - ok
    21:35:28.0344 6512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    21:35:28.0344 6512 LSI_SAS - ok
    21:35:28.0453 6512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    21:35:28.0469 6512 LSI_SAS2 - ok
    21:35:28.0578 6512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    21:35:28.0594 6512 LSI_SCSI - ok
    21:35:28.0703 6512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    21:35:28.0765 6512 luafv - ok
    21:35:28.0875 6512 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
    21:35:28.0890 6512 mcdbus - ok
    21:35:28.0999 6512 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    21:35:29.0031 6512 mdmxsdk - ok
    21:35:29.0140 6512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    21:35:29.0140 6512 megasas - ok
    21:35:29.0249 6512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    21:35:29.0265 6512 MegaSR - ok
    21:35:29.0389 6512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    21:35:29.0452 6512 Modem - ok
    21:35:29.0561 6512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    21:35:29.0592 6512 monitor - ok
    21:35:29.0748 6512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    21:35:29.0748 6512 mouclass - ok
    21:35:29.0920 6512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    21:35:29.0967 6512 mouhid - ok
    21:35:30.0481 6512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    21:35:30.0497 6512 mountmgr - ok
    21:35:30.0606 6512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    21:35:30.0622 6512 mpio - ok
    21:35:30.0731 6512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    21:35:30.0778 6512 mpsdrv - ok
    21:35:30.0918 6512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    21:35:30.0981 6512 MRxDAV - ok
    21:35:31.0090 6512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    21:35:31.0137 6512 mrxsmb - ok
    21:35:31.0261 6512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    21:35:31.0308 6512 mrxsmb10 - ok
    21:35:31.0433 6512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    21:35:31.0449 6512 mrxsmb20 - ok
    21:35:31.0558 6512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    21:35:31.0573 6512 msahci - ok
    21:35:31.0683 6512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    21:35:31.0698 6512 msdsm - ok
    21:35:31.0823 6512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    21:35:31.0854 6512 Msfs - ok
    21:35:31.0963 6512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    21:35:32.0026 6512 mshidkmdf - ok
    21:35:32.0135 6512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    21:35:32.0151 6512 msisadrv - ok
    21:35:32.0275 6512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    21:35:32.0322 6512 MSKSSRV - ok
    21:35:32.0416 6512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    21:35:32.0478 6512 MSPCLOCK - ok
    21:35:32.0634 6512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    21:35:32.0697 6512 MSPQM - ok
    21:35:32.0806 6512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    21:35:32.0837 6512 MsRPC - ok
    21:35:32.0946 6512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    21:35:32.0946 6512 mssmbios - ok
    21:35:33.0055 6512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    21:35:33.0118 6512 MSTEE - ok
    21:35:33.0227 6512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    21:35:33.0274 6512 MTConfig - ok
    21:35:33.0367 6512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    21:35:33.0383 6512 Mup - ok
    21:35:33.0492 6512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    21:35:33.0539 6512 NativeWifiP - ok
    21:35:33.0648 6512 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    21:35:33.0679 6512 NDIS - ok
    21:35:33.0789 6512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    21:35:33.0835 6512 NdisCap - ok
    21:35:33.0945 6512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    21:35:33.0991 6512 NdisTapi - ok
    21:35:34.0132 6512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    21:35:34.0179 6512 Ndisuio - ok
    21:35:34.0288 6512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    21:35:34.0335 6512 NdisWan - ok
    21:35:34.0459 6512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    21:35:34.0506 6512 NDProxy - ok
    21:35:34.0615 6512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    21:35:34.0678 6512 NetBIOS - ok
    21:35:34.0803 6512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    21:35:34.0849 6512 NetBT - ok
    21:35:35.0146 6512 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
    21:35:35.0442 6512 NETw5s64 - ok
    21:35:35.0801 6512 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
    21:35:35.0988 6512 netw5v64 - ok
    21:35:36.0300 6512 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
    21:35:36.0550 6512 NETwNs64 - ok
    21:35:36.0643 6512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    21:35:36.0659 6512 nfrd960 - ok
    21:35:36.0799 6512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    21:35:36.0862 6512 Npfs - ok
    21:35:36.0955 6512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    21:35:37.0018 6512 nsiproxy - ok
    21:35:37.0174 6512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    21:35:37.0221 6512 Ntfs - ok
    21:35:37.0345 6512 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
    21:35:37.0345 6512 NTIDrvr - ok
    21:35:37.0455 6512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    21:35:37.0517 6512 Null - ok
    21:35:37.0642 6512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    21:35:37.0657 6512 nvraid - ok
    21:35:37.0782 6512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    21:35:37.0798 6512 nvstor - ok
    21:35:37.0907 6512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    21:35:37.0923 6512 nv_agp - ok
    21:35:38.0032 6512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    21:35:38.0063 6512 ohci1394 - ok
    21:35:38.0219 6512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    21:35:38.0235 6512 Parport - ok
    21:35:38.0359 6512 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    21:35:38.0359 6512 partmgr - ok
    21:35:38.0469 6512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    21:35:38.0484 6512 pci - ok
    21:35:38.0593 6512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    21:35:38.0609 6512 pciide - ok
    21:35:38.0703 6512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    21:35:38.0718 6512 pcmcia - ok
    21:35:38.0827 6512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    21:35:38.0843 6512 pcw - ok
    21:35:38.0968 6512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    21:35:39.0030 6512 PEAUTH - ok
    21:35:39.0171 6512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    21:35:39.0217 6512 PptpMiniport - ok
    21:35:39.0327 6512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    21:35:39.0342 6512 Processor - ok
    21:35:39.0467 6512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    21:35:39.0514 6512 Psched - ok
    21:35:39.0654 6512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    21:35:39.0701 6512 ql2300 - ok
    21:35:39.0810 6512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    21:35:39.0826 6512 ql40xx - ok
    21:35:39.0919 6512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    21:35:39.0966 6512 QWAVEdrv - ok
    21:35:40.0060 6512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    21:35:40.0122 6512 RasAcd - ok
    21:35:40.0216 6512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    21:35:40.0263 6512 RasAgileVpn - ok
    21:35:40.0387 6512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:35:40.0434 6512 Rasl2tp - ok
    21:35:40.0528 6512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    21:35:40.0590 6512 RasPppoe - ok
    21:35:40.0933 6512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    21:35:40.0996 6512 RasSstp - ok
    21:35:41.0121 6512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    21:35:41.0167 6512 rdbss - ok
    21:35:41.0261 6512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    21:35:41.0292 6512 rdpbus - ok
    21:35:41.0417 6512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:35:41.0464 6512 RDPCDD - ok
    21:35:41.0573 6512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    21:35:41.0635 6512 RDPENCDD - ok
    21:35:41.0745 6512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    21:35:41.0791 6512 RDPREFMP - ok
    21:35:41.0901 6512 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    21:35:41.0947 6512 RDPWD - ok
    21:35:42.0057 6512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    21:35:42.0072 6512 rdyboost - ok
    21:35:42.0213 6512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    21:35:42.0244 6512 RFCOMM - ok
    21:35:42.0369 6512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    21:35:42.0431 6512 rspndr - ok
    21:35:42.0540 6512 RSUSBSTOR (fb39af63d6617f028ba0ebc21b83360d) C:\Windows\system32\Drivers\RtsUStor.sys
    21:35:42.0571 6512 RSUSBSTOR - ok
    21:35:42.0681 6512 RT-USB (5bdaf690fe82d8e531328de7e766fb7a) C:\Windows\system32\drivers\RT-USB64.SYS
    21:35:42.0696 6512 RT-USB - ok
    21:35:42.0805 6512 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
    21:35:42.0821 6512 RTHDMIAzAudService - ok
    21:35:42.0930 6512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    21:35:42.0930 6512 sbp2port - ok
    21:35:43.0086 6512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    21:35:43.0133 6512 scfilter - ok
    21:35:43.0258 6512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    21:35:43.0305 6512 secdrv - ok
    21:35:43.0414 6512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    21:35:43.0445 6512 Serenum - ok
    21:35:43.0539 6512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    21:35:43.0554 6512 Serial - ok
    21:35:43.0679 6512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    21:35:43.0710 6512 sermouse - ok
    21:35:43.0819 6512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    21:35:43.0866 6512 sffdisk - ok
    21:35:43.0960 6512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    21:35:43.0991 6512 sffp_mmc - ok
    21:35:44.0116 6512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    21:35:44.0147 6512 sffp_sd - ok
    21:35:44.0256 6512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    21:35:44.0272 6512 sfloppy - ok
    21:35:44.0397 6512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    21:35:44.0412 6512 SiSRaid2 - ok
    21:35:44.0537 6512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    21:35:44.0553 6512 SiSRaid4 - ok
    21:35:44.0646 6512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    21:35:44.0693 6512 Smb - ok
    21:35:44.0818 6512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    21:35:44.0833 6512 spldr - ok
    21:35:44.0974 6512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    21:35:45.0021 6512 srv - ok
    21:35:45.0145 6512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    21:35:45.0192 6512 srv2 - ok
    21:35:45.0317 6512 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    21:35:45.0333 6512 SrvHsfHDA - ok
    21:35:45.0489 6512 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    21:35:45.0551 6512 SrvHsfV92 - ok
    21:35:45.0676 6512 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    21:35:45.0707 6512 SrvHsfWinac - ok
    21:35:45.0816 6512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    21:35:45.0847 6512 srvnet - ok
    21:35:46.0035 6512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    21:35:46.0050 6512 stexstor - ok
    21:35:46.0206 6512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    21:35:46.0206 6512 swenum - ok
    21:35:46.0331 6512 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys
    21:35:46.0347 6512 SynTP - ok
    21:35:46.0534 6512 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    21:35:46.0581 6512 Tcpip - ok
    21:35:46.0737 6512 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    21:35:46.0783 6512 TCPIP6 - ok
    21:35:46.0908 6512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    21:35:46.0955 6512 tcpipreg - ok
    21:35:47.0064 6512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    21:35:47.0127 6512 TDPIPE - ok
    21:35:47.0220 6512 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    21:35:47.0267 6512 TDTCP - ok
    21:35:47.0376 6512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    21:35:47.0423 6512 tdx - ok
    21:35:47.0532 6512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    21:35:47.0548 6512 TermDD - ok
    21:35:47.0688 6512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:35:47.0735 6512 tssecsrv - ok
    21:35:47.0844 6512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    21:35:47.0891 6512 TsUsbFlt - ok
    21:35:48.0000 6512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    21:35:48.0047 6512 tunnel - ok
    21:35:48.0156 6512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    21:35:48.0172 6512 uagp35 - ok
    21:35:48.0297 6512 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
    21:35:48.0297 6512 UBHelper - ok
    21:35:48.0406 6512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    21:35:48.0468 6512 udfs - ok
    21:35:48.0593 6512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    21:35:48.0609 6512 uliagpkx - ok
    21:35:48.0718 6512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    21:35:48.0749 6512 umbus - ok
    21:35:48.0843 6512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    21:35:48.0874 6512 UmPass - ok
    21:35:49.0014 6512 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    21:35:49.0045 6512 USBAAPL64 - ok
    21:35:49.0155 6512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    21:35:49.0170 6512 usbccgp - ok
    21:35:49.0279 6512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    21:35:49.0311 6512 usbcir - ok
    21:35:49.0420 6512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    21:35:49.0467 6512 usbehci - ok
    21:35:49.0607 6512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    21:35:49.0654 6512 usbhub - ok
    21:35:49.0763 6512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    21:35:49.0779 6512 usbohci - ok
    21:35:49.0872 6512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    21:35:49.0919 6512 usbprint - ok
    21:35:50.0028 6512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:35:50.0091 6512 USBSTOR - ok
    21:35:50.0200 6512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    21:35:54.0147 6512 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk1\DR1
    21:35:54.0178 6512 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.b ) - infected
    21:35:54.0178 6512 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Pihar.b (0)
    21:35:54.0895 6512 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
    21:35:54.0895 6512 \Device\Harddisk1\DR1 - detected TDSS File System (1)
    21:35:58.0593 6512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    21:35:58.0718 6512 \Device\Harddisk0\DR0 - ok
    21:35:58.0718 6512 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
    21:35:58.0874 6512 \Device\Harddisk2\DR2 - ok
    21:35:58.0936 6512 Boot (0x1200) (c88a41d745e96a715af83e66473ed0d6) \Device\Harddisk1\DR1\Partition0
    21:35:58.0936 6512 \Device\Harddisk1\DR1\Partition0 - ok
    21:35:58.0936 6512 Boot (0x1200) (e24e5a9cdfa81f012d3bf0ca5e7fb140) \Device\Harddisk1\DR1\Partition1
    21:35:58.0936 6512 \Device\Harddisk1\DR1\Partition1 - ok
    21:35:58.0967 6512 Boot (0x1200) (4f9b06b3665e975f5efd4a5ee05a7d75) \Device\Harddisk1\DR1\Partition2
    21:35:58.0967 6512 \Device\Harddisk1\DR1\Partition2 - ok
    21:35:58.0983 6512 Boot (0x1200) (e7e2a9958803d0809296baad4334f5e5) \Device\Harddisk2\DR2\Partition0
    21:35:58.0983 6512 \Device\Harddisk2\DR2\Partition0 - ok
    21:35:58.0983 6512 ============================================================
    21:35:58.0983 6512 Scan finished
    21:35:58.0983 6512 ============================================================
    21:35:58.0998 6368 Detected object count: 2
    21:35:58.0998 6368 Actual detected object count: 2
    21:36:51.0680 6368 \Device\Harddisk1\DR1\# - copied to quarantine
    21:36:51.0680 6368 \Device\Harddisk1\DR1 - copied to quarantine
    21:36:51.0711 6368 \Device\Harddisk1\DR1\TDLFS\ph.dll - copied to quarantine
    21:36:51.0711 6368 \Device\Harddisk1\DR1\TDLFS\phx.dll - copied to quarantine
    21:36:51.0711 6368 \Device\Harddisk1\DR1\TDLFS\sub.dll - copied to quarantine
    21:36:51.0711 6368 \Device\Harddisk1\DR1\TDLFS\subx.dll - copied to quarantine
    21:36:51.0726 6368 \Device\Harddisk1\DR1\TDLFS\phd - copied to quarantine
    21:36:51.0726 6368 \Device\Harddisk1\DR1\TDLFS\phdx - copied to quarantine
    21:36:51.0726 6368 \Device\Harddisk1\DR1\TDLFS\phs - copied to quarantine
    21:36:51.0726 6368 \Device\Harddisk1\DR1\TDLFS\phdata - copied to quarantine
    21:36:51.0742 6368 \Device\Harddisk1\DR1\TDLFS\phld - copied to quarantine
    21:36:51.0742 6368 \Device\Harddisk1\DR1\TDLFS\phln - copied to quarantine
    21:36:51.0742 6368 \Device\Harddisk1\DR1\TDLFS\phlx - copied to quarantine
    21:36:51.0742 6368 \Device\Harddisk1\DR1\TDLFS\phm - copied to quarantine
    21:36:51.0773 6368 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
    21:36:51.0773 6368 \Device\Harddisk1\DR1 - ok
    21:36:52.0366 6368 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
    21:36:52.0366 6368 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
    21:36:52.0366 6368 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
    21:37:10.0072 1592 Deinitialize success

  6. #6
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Hi lavilev,

    Please rerun TDSSKiller. When you are presented with

    21:35:54.0895 6512 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
    21:35:54.0895 6512 \Device\Harddisk1\DR1 - detected TDSS File System (1)
    please use the dropdown menu and select delete.

    Next

    Please rerun aswMBR.

    Please post back with
    • TDSSKiller log
    • aswMBR log
    How's the computer?
    Member of UNITE and ASAP

  7. #7
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
    Run date: 2012-03-06 23:04:56
    -----------------------------
    23:04:56.592 OS Version: Windows x64 6.1.7601 Service Pack 1
    23:04:56.592 Number of processors: 2 586 0x170A
    23:04:56.593 ComputerName: LAVILEV-PC UserName: LaviLev
    23:04:57.782 Initialize success
    23:05:03.527 AVAST engine defs: 12030600
    23:05:07.296 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
    23:05:07.299 Disk 0 Vendor: WDC_WD6400BEVT-60A0RT0 01.01A01 Size: 610480MB BusType: 11
    23:05:07.302 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
    23:05:07.305 Disk 1 Vendor: TOSHIBA_MK5055GSX FG001J Size: 476940MB BusType: 11
    23:05:07.349 Disk 1 MBR read successfully
    23:05:07.353 Disk 1 MBR scan
    23:05:07.376 Disk 1 Windows 7 default MBR code
    23:05:07.380 Disk 1 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
    23:05:07.398 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
    23:05:07.417 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 366261 MB offset 25382700
    23:05:07.450 Disk 1 Partition 4 00 07 HPFS/NTFS NTFS 98283 MB offset 775487488
    23:05:07.484 Disk 1 scanning C:\Windows\system32\drivers
    23:05:18.795 Service scanning
    23:05:40.370 Modules scanning
    23:05:40.380 Disk 1 trace - called modules:
    23:05:40.419 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
    23:05:40.426 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004c2c060]
    23:05:40.433 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8003c75450]
    23:05:40.440 5 ACPI.sys[fffff88000f887a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003db0060]
    23:05:41.389 AVAST engine scan C:\Windows
    23:05:43.563 AVAST engine scan C:\Windows\system32
    23:09:11.605 AVAST engine scan C:\Windows\system32\drivers
    23:09:25.773 AVAST engine scan C:\Users\LaviLev
    00:04:38.553 AVAST engine scan C:\ProgramData
    00:06:28.892 Scan finished successfully
    00:07:24.662 Disk 1 MBR has been saved successfully to "C:\Users\LaviLev\Desktop\MBR.dat"
    00:07:24.677 The log file has been saved successfully to "C:\Users\LaviLev\Desktop\aswMBR.txt"

  8. #8
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    23:02:50.0918 3920 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
    23:02:51.0163 3920 ============================================================
    23:02:51.0163 3920 Current date / time: 2012/03/06 23:02:51.0163
    23:02:51.0163 3920 SystemInfo:
    23:02:51.0163 3920
    23:02:51.0163 3920 OS Version: 6.1.7601 ServicePack: 1.0
    23:02:51.0163 3920 Product type: Workstation
    23:02:51.0163 3920 ComputerName: LAVILEV-PC
    23:02:51.0164 3920 UserName: LaviLev
    23:02:51.0164 3920 Windows directory: C:\Windows
    23:02:51.0164 3920 System windows directory: C:\Windows
    23:02:51.0164 3920 Running under WOW64
    23:02:51.0164 3920 Processor architecture: Intel x64
    23:02:51.0164 3920 Number of processors: 2
    23:02:51.0164 3920 Page size: 0x1000
    23:02:51.0164 3920 Boot type: Normal boot
    23:02:51.0164 3920 ============================================================
    23:02:52.0291 3920 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    23:02:55.0897 3920 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    23:02:55.0904 3920 Drive \Device\Harddisk2\DR2 - Size: 0x1ECF00000 (7.70 Gb), SectorSize: 0x200, Cylinders: 0x3ED, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    23:02:55.0908 3920 \Device\Harddisk1\DR1:
    23:02:55.0926 3920 MBR used
    23:02:55.0926 3920 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
    23:02:55.0926 3920 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2CB5A904
    23:02:55.0926 3920 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2E390000, BlocksNum 0xBFF5800
    23:02:55.0926 3920 \Device\Harddisk0\DR0:
    23:02:55.0942 3920 MBR used
    23:02:55.0942 3920 \Device\Harddisk2\DR2:
    23:02:55.0943 3920 MBR used
    23:02:55.0943 3920 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0xF65800
    23:02:56.0093 3920 Initialize success
    23:02:56.0093 3920 ============================================================
    23:03:07.0052 4056 ============================================================
    23:03:07.0052 4056 Scan started
    23:03:07.0052 4056 Mode: Manual; SigCheck; TDLFS;
    23:03:07.0052 4056 ============================================================
    23:03:32.0094 4056 Scan interrupted by user!
    23:03:32.0094 4056 Scan interrupted by user!
    23:03:32.0094 4056 Scan interrupted by user!
    23:03:32.0094 4056 ============================================================
    23:03:32.0094 4056 Scan finished
    23:03:32.0094 4056 ============================================================
    23:03:32.0105 3404 Detected object count: 0
    23:03:32.0105 3404 Actual detected object count: 0
    23:03:35.0679 1428 ============================================================
    23:03:35.0679 1428 Scan started
    23:03:35.0679 1428 Mode: Manual; SigCheck; TDLFS;
    23:03:35.0679 1428 ============================================================
    23:03:36.0145 1428 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    23:03:36.0170 1428 1394ohci - ok
    23:03:36.0283 1428 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    23:03:36.0299 1428 ACPI - ok
    23:03:36.0409 1428 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    23:03:36.0426 1428 AcpiPmi - ok
    23:03:36.0529 1428 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    23:03:36.0548 1428 adp94xx - ok
    23:03:36.0647 1428 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    23:03:36.0663 1428 adpahci - ok
    23:03:36.0764 1428 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    23:03:36.0777 1428 adpu320 - ok
    23:03:36.0898 1428 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    23:03:36.0917 1428 AFD - ok
    23:03:37.0021 1428 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    23:03:37.0033 1428 agp440 - ok
    23:03:37.0146 1428 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    23:03:37.0157 1428 aliide - ok
    23:03:37.0223 1428 ALSysIO - ok
    23:03:37.0326 1428 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    23:03:37.0337 1428 amdide - ok
    23:03:37.0428 1428 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    23:03:37.0443 1428 AmdK8 - ok
    23:03:37.0548 1428 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    23:03:37.0563 1428 AmdPPM - ok
    23:03:37.0660 1428 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    23:03:37.0672 1428 amdsata - ok
    23:03:37.0769 1428 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    23:03:37.0783 1428 amdsbs - ok
    23:03:37.0881 1428 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    23:03:37.0892 1428 amdxata - ok
    23:03:38.0000 1428 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    23:03:38.0036 1428 AppID - ok
    23:03:38.0151 1428 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    23:03:38.0163 1428 arc - ok
    23:03:38.0265 1428 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    23:03:38.0278 1428 arcsas - ok
    23:03:38.0382 1428 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    23:03:38.0418 1428 AsyncMac - ok
    23:03:38.0531 1428 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    23:03:38.0542 1428 atapi - ok
    23:03:38.0735 1428 atikmdag (3efd964d52221360af0673cd61c2f4f5) C:\Windows\system32\drivers\atikmdag.sys
    23:03:38.0806 1428 atikmdag - ok
    23:03:38.0926 1428 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
    23:03:38.0938 1428 AVGIDSDriver - ok
    23:03:39.0039 1428 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
    23:03:39.0048 1428 AVGIDSEH - ok
    23:03:39.0142 1428 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
    23:03:39.0151 1428 AVGIDSFilter - ok
    23:03:39.0262 1428 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
    23:03:39.0274 1428 Avgldx64 - ok
    23:03:39.0368 1428 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
    23:03:39.0378 1428 Avgmfx64 - ok
    23:03:39.0493 1428 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
    23:03:39.0502 1428 Avgrkx64 - ok
    23:03:39.0613 1428 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
    23:03:39.0627 1428 Avgtdia - ok
    23:03:39.0746 1428 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    23:03:39.0765 1428 b06bdrv - ok
    23:03:39.0871 1428 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    23:03:39.0888 1428 b57nd60a - ok
    23:03:39.0993 1428 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    23:03:40.0030 1428 Beep - ok
    23:03:40.0134 1428 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    23:03:40.0148 1428 blbdrive - ok
    23:03:40.0247 1428 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    23:03:40.0260 1428 bowser - ok
    23:03:40.0362 1428 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    23:03:40.0379 1428 BrFiltLo - ok
    23:03:40.0485 1428 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    23:03:40.0501 1428 BrFiltUp - ok
    23:03:40.0606 1428 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    23:03:40.0624 1428 Brserid - ok
    23:03:40.0730 1428 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    23:03:40.0746 1428 BrSerWdm - ok
    23:03:40.0841 1428 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    23:03:40.0857 1428 BrUsbMdm - ok
    23:03:40.0952 1428 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    23:03:40.0966 1428 BrUsbSer - ok
    23:03:41.0079 1428 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
    23:03:41.0093 1428 BthEnum - ok
    23:03:41.0188 1428 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    23:03:41.0205 1428 BTHMODEM - ok
    23:03:41.0316 1428 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
    23:03:41.0333 1428 BthPan - ok
    23:03:41.0460 1428 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
    23:03:41.0479 1428 BTHPORT - ok
    23:03:41.0594 1428 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
    23:03:41.0608 1428 BTHUSB - ok
    23:03:41.0709 1428 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
    23:03:41.0726 1428 CAXHWAZL - ok
    23:03:41.0825 1428 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    23:03:41.0861 1428 cdfs - ok
    23:03:41.0959 1428 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    23:03:41.0975 1428 cdrom - ok
    23:03:42.0075 1428 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    23:03:42.0092 1428 circlass - ok
    23:03:42.0183 1428 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    23:03:42.0199 1428 CLFS - ok
    23:03:42.0309 1428 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    23:03:42.0322 1428 CmBatt - ok
    23:03:42.0430 1428 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    23:03:42.0441 1428 cmdide - ok
    23:03:42.0549 1428 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    23:03:42.0573 1428 CNG - ok
    23:03:42.0668 1428 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    23:03:42.0680 1428 Compbatt - ok
    23:03:42.0787 1428 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    23:03:42.0804 1428 CompositeBus - ok
    23:03:42.0869 1428 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
    23:03:42.0878 1428 cpudrv64 - ok
    23:03:42.0982 1428 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    23:03:42.0993 1428 crcdisk - ok

  9. #9
    Junior Member
    Join Date
    Mar 2012
    Posts
    15

    23:03:43.0112 1428 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    23:03:43.0148 1428 DfsC - ok
    23:03:43.0247 1428 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    23:03:43.0284 1428 discache - ok
    23:03:43.0384 1428 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    23:03:43.0396 1428 Disk - ok
    23:03:43.0467 1428 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\SysWOW64\Drivers\DKbFltr.sys
    23:03:43.0477 1428 DKbFltr - ok
    23:03:43.0558 1428 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    23:03:43.0574 1428 drmkaud - ok
    23:03:43.0693 1428 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    23:03:43.0719 1428 DXGKrnl - ok
    23:03:43.0885 1428 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    23:03:43.0936 1428 ebdrv - ok
    23:03:44.0051 1428 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    23:03:44.0070 1428 elxstor - ok
    23:03:44.0177 1428 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    23:03:44.0192 1428 ErrDev - ok
    23:03:44.0306 1428 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    23:03:44.0344 1428 exfat - ok
    23:03:44.0448 1428 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    23:03:44.0486 1428 fastfat - ok
    23:03:44.0590 1428 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    23:03:44.0604 1428 fdc - ok
    23:03:44.0698 1428 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    23:03:44.0711 1428 FileInfo - ok
    23:03:44.0817 1428 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    23:03:44.0853 1428 Filetrace - ok
    23:03:44.0937 1428 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    23:03:44.0952 1428 flpydisk - ok
    23:03:45.0060 1428 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    23:03:45.0075 1428 FltMgr - ok
    23:03:45.0183 1428 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    23:03:45.0194 1428 FsDepends - ok
    23:03:45.0293 1428 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    23:03:45.0305 1428 Fs_Rec - ok
    23:03:45.0418 1428 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    23:03:45.0436 1428 fvevol - ok
    23:03:45.0545 1428 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    23:03:45.0557 1428 gagp30kx - ok
    23:03:45.0659 1428 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    23:03:45.0668 1428 GEARAspiWDM - ok
    23:03:45.0784 1428 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    23:03:45.0798 1428 hcw85cir - ok
    23:03:45.0900 1428 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    23:03:45.0920 1428 HdAudAddService - ok
    23:03:46.0027 1428 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    23:03:46.0045 1428 HDAudBus - ok
    23:03:46.0151 1428 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    23:03:46.0166 1428 HidBatt - ok
    23:03:46.0262 1428 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    23:03:46.0279 1428 HidBth - ok
    23:03:46.0381 1428 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    23:03:46.0397 1428 HidIr - ok
    23:03:46.0507 1428 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    23:03:46.0521 1428 HidUsb - ok
    23:03:46.0627 1428 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    23:03:46.0640 1428 HpSAMD - ok
    23:03:46.0763 1428 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
    23:03:46.0792 1428 HSF_DPV - ok
    23:03:46.0913 1428 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    23:03:46.0958 1428 HTTP - ok
    23:03:47.0065 1428 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    23:03:47.0077 1428 hwpolicy - ok
    23:03:47.0174 1428 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    23:03:47.0192 1428 i8042prt - ok
    23:03:47.0306 1428 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    23:03:47.0323 1428 iaStorV - ok
    23:03:47.0566 1428 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
    23:03:47.0662 1428 igfx - ok
    23:03:47.0770 1428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    23:03:47.0782 1428 iirsp - ok
    23:03:47.0912 1428 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys
    23:03:47.0952 1428 IntcAzAudAddService - ok
    23:03:48.0048 1428 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
    23:03:48.0061 1428 IntcHdmiAddService - ok
    23:03:48.0164 1428 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    23:03:48.0176 1428 intelide - ok
    23:03:48.0278 1428 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    23:03:48.0293 1428 intelppm - ok
    23:03:48.0410 1428 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    23:03:48.0447 1428 IpFilterDriver - ok
    23:03:48.0551 1428 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    23:03:48.0566 1428 IPMIDRV - ok
    23:03:48.0606 1428 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    23:03:48.0645 1428 IPNAT - ok
    23:03:48.0752 1428 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    23:03:48.0770 1428 IRENUM - ok
    23:03:48.0879 1428 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    23:03:48.0891 1428 isapnp - ok
    23:03:49.0000 1428 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    23:03:49.0015 1428 iScsiPrt - ok
    23:03:49.0121 1428 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
    23:03:49.0135 1428 k57nd60a - ok
    23:03:49.0244 1428 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    23:03:49.0256 1428 kbdclass - ok
    23:03:49.0363 1428 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    23:03:49.0377 1428 kbdhid - ok
    23:03:49.0491 1428 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    23:03:49.0503 1428 KSecDD - ok
    23:03:49.0611 1428 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    23:03:49.0624 1428 KSecPkg - ok
    23:03:49.0724 1428 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    23:03:49.0760 1428 ksthunk - ok
    23:03:49.0871 1428 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    23:03:49.0908 1428 lltdio - ok
    23:03:50.0021 1428 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    23:03:50.0034 1428 LSI_FC - ok
    23:03:50.0143 1428 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    23:03:50.0156 1428 LSI_SAS - ok
    23:03:50.0267 1428 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    23:03:50.0278 1428 LSI_SAS2 - ok
    23:03:50.0381 1428 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    23:03:50.0393 1428 LSI_SCSI - ok
    23:03:50.0497 1428 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    23:03:50.0534 1428 luafv - ok
    23:03:50.0643 1428 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
    23:03:50.0662 1428 mcdbus - ok
    23:03:50.0772 1428 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    23:03:50.0785 1428 mdmxsdk - ok
    23:03:50.0886 1428 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    23:03:50.0897 1428 megasas - ok
    23:03:51.0004 1428 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    23:03:51.0020 1428 MegaSR - ok
    23:03:51.0134 1428 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    23:03:51.0171 1428 Modem - ok
    23:03:51.0276 1428 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    23:03:51.0292 1428 monitor - ok
    23:03:51.0403 1428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    23:03:51.0415 1428 mouclass - ok
    23:03:51.0520 1428 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    23:03:51.0534 1428 mouhid - ok
    23:03:51.0657 1428 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    23:03:51.0669 1428 mountmgr - ok
    23:03:51.0777 1428 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    23:03:51.0790 1428 mpio - ok
    23:03:51.0899 1428 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    23:03:51.0936 1428 mpsdrv - ok
    23:03:52.0052 1428 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    23:03:52.0071 1428 MRxDAV - ok
    23:03:52.0168 1428 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    23:03:52.0184 1428 mrxsmb - ok
    23:03:52.0278 1428 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    23:03:52.0293 1428 mrxsmb10 - ok
    23:03:52.0389 1428 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    23:03:52.0403 1428 mrxsmb20 - ok
    23:03:52.0512 1428 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    23:03:52.0523 1428 msahci - ok
    23:03:52.0628 1428 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    23:03:52.0641 1428 msdsm - ok
    23:03:52.0748 1428 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    23:03:52.0785 1428 Msfs - ok
    23:03:52.0874 1428 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    23:03:52.0911 1428 mshidkmdf - ok
    23:03:53.0016 1428 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    23:03:53.0027 1428 msisadrv - ok
    23:03:53.0142 1428 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    23:03:53.0178 1428 MSKSSRV - ok
    23:03:53.0284 1428 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    23:03:53.0321 1428 MSPCLOCK - ok
    23:03:53.0419 1428 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    23:03:53.0456 1428 MSPQM - ok
    23:03:53.0573 1428 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    23:03:53.0589 1428 MsRPC - ok
    23:03:53.0701 1428 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    23:03:53.0712 1428 mssmbios - ok
    23:03:53.0816 1428 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    23:03:53.0853 1428 MSTEE - ok
    23:03:53.0952 1428 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    23:03:53.0966 1428 MTConfig - ok
    23:03:54.0070 1428 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    23:03:54.0082 1428 Mup - ok
    23:03:54.0191 1428 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    23:03:54.0213 1428 NativeWifiP - ok
    23:03:54.0339 1428 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    23:03:54.0364 1428 NDIS - ok
    23:03:54.0456 1428 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    23:03:54.0493 1428 NdisCap - ok
    23:03:54.0593 1428 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    23:03:54.0630 1428 NdisTapi - ok
    23:03:54.0733 1428 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    23:03:54.0769 1428 Ndisuio - ok
    23:03:54.0880 1428 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    23:03:54.0917 1428 NdisWan - ok
    23:03:55.0017 1428 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    23:03:55.0052 1428 NDProxy - ok
    23:03:55.0145 1428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    23:03:55.0182 1428 NetBIOS - ok
    23:03:55.0294 1428 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    23:03:55.0331 1428 NetBT - ok
    23:03:55.0600 1428 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
    23:03:55.0697 1428 NETw5s64 - ok
    23:03:55.0916 1428 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
    23:03:55.0990 1428 netw5v64 - ok
    23:03:56.0471 1428 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys
    23:03:56.0578 1428 NETwNs64 - ok
    23:03:56.0678 1428 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    23:03:56.0694 1428 nfrd960 - ok
    23:03:56.0790 1428 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    23:03:56.0827 1428 Npfs - ok
    23:03:56.0939 1428 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    23:03:56.0999 1428 nsiproxy - ok
    23:03:57.0140 1428 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    23:03:57.0183 1428 Ntfs - ok
    23:03:57.0302 1428 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
    23:03:57.0312 1428 NTIDrvr - ok
    23:03:57.0419 1428 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    23:03:57.0477 1428 Null - ok
    23:03:57.0587 1428 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    23:03:57.0600 1428 nvraid - ok
    23:03:57.0710 1428 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    23:03:57.0723 1428 nvstor - ok
    23:03:57.0837 1428 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    23:03:57.0850 1428 nv_agp - ok
    23:03:57.0953 1428 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    23:03:57.0976 1428 ohci1394 - ok
    23:03:58.0138 1428 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    23:03:58.0153 1428 Parport - ok
    23:03:58.0259 1428 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    23:03:58.0271 1428 partmgr - ok
    23:03:58.0377 1428 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    23:03:58.0390 1428 pci - ok
    23:03:58.0495 1428 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    23:03:58.0507 1428 pciide - ok
    23:03:58.0609 1428 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    23:03:58.0624 1428 pcmcia - ok
    23:03:58.0729 1428 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    23:03:58.0741 1428 pcw - ok
    23:03:58.0868 1428 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    23:03:58.0915 1428 PEAUTH - ok
    23:03:59.0058 1428 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    23:03:59.0096 1428 PptpMiniport - ok
    23:03:59.0193 1428 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    23:03:59.0216 1428 Processor - ok
    23:03:59.0338 1428 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    23:03:59.0389 1428 Psched - ok
    23:03:59.0529 1428 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    23:03:59.0563 1428 ql2300 - ok
    23:03:59.0668 1428 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    23:03:59.0681 1428 ql40xx - ok
    23:03:59.0790 1428 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    23:03:59.0831 1428 QWAVEdrv - ok
    23:03:59.0939 1428 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    23:03:59.0985 1428 RasAcd - ok
    23:04:00.0093 1428 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    23:04:00.0131 1428 RasAgileVpn - ok
    23:04:00.0244 1428 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    23:04:00.0293 1428 Rasl2tp - ok
    23:04:00.0389 1428 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    23:04:00.0448 1428 RasPppoe - ok
    23:04:00.0558 1428 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    23:04:00.0604 1428 RasSstp - ok
    23:04:00.0720 1428 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    23:04:00.0770 1428 rdbss - ok
    23:04:00.0869 1428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    23:04:00.0902 1428 rdpbus - ok
    23:04:01.0010 1428 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    23:04:01.0059 1428 RDPCDD - ok
    23:04:01.0160 1428 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    23:04:01.0214 1428 RDPENCDD - ok
    23:04:01.0329 1428 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    23:04:01.0365 1428 RDPREFMP - ok
    23:04:01.0477 1428 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    23:04:01.0515 1428 RDPWD - ok
    23:04:01.0635 1428 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    23:04:01.0650 1428 rdyboost - ok
    23:04:01.0773 1428 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    23:04:01.0814 1428 RFCOMM - ok
    23:04:01.0941 1428 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    23:04:01.0987 1428 rspndr - ok
    23:04:02.0108 1428 RSUSBSTOR (fb39af63d6617f028ba0ebc21b83360d) C:\Windows\system32\Drivers\RtsUStor.sys
    23:04:02.0137 1428 RSUSBSTOR - ok
    23:04:02.0246 1428 RT-USB (5bdaf690fe82d8e531328de7e766fb7a) C:\Windows\system32\drivers\RT-USB64.SYS
    23:04:02.0263 1428 RT-USB - ok
    23:04:02.0387 1428 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
    23:04:02.0400 1428 RTHDMIAzAudService - ok
    23:04:02.0508 1428 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    23:04:02.0520 1428 sbp2port - ok
    23:04:02.0658 1428 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    23:04:02.0707 1428 scfilter - ok
    23:04:02.0823 1428 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    23:04:02.0878 1428 secdrv - ok
    23:04:02.0992 1428 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    23:04:03.0013 1428 Serenum - ok
    23:04:03.0117 1428 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    23:04:03.0132 1428 Serial - ok
    23:04:03.0235 1428 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    23:04:03.0271 1428 sermouse - ok
    23:04:03.0387 1428 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    23:04:03.0418 1428 sffdisk - ok
    23:04:13.0411 1428 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
    23:04:14.0245 1428 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
    23:04:14.0245 1428 \Device\Harddisk1\DR1 - detected TDSS File System (1)
    23:04:17.0772 1428 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    23:04:17.0856 1428 \Device\Harddisk0\DR0 - ok
    23:04:17.0862 1428 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
    23:04:18.0010 1428 \Device\Harddisk2\DR2 - ok
    23:04:18.0048 1428 Boot (0x1200) (c88a41d745e96a715af83e66473ed0d6) \Device\Harddisk1\DR1\Partition0
    23:04:18.0050 1428 \Device\Harddisk1\DR1\Partition0 - ok
    23:04:18.0057 1428 Boot (0x1200) (e24e5a9cdfa81f012d3bf0ca5e7fb140) \Device\Harddisk1\DR1\Partition1
    23:04:18.0058 1428 \Device\Harddisk1\DR1\Partition1 - ok
    23:04:18.0090 1428 Boot (0x1200) (4f9b06b3665e975f5efd4a5ee05a7d75) \Device\Harddisk1\DR1\Partition2
    23:04:18.0091 1428 \Device\Harddisk1\DR1\Partition2 - ok
    23:04:18.0098 1428 Boot (0x1200) (e7e2a9958803d0809296baad4334f5e5) \Device\Harddisk2\DR2\Partition0
    23:04:18.0101 1428 \Device\Harddisk2\DR2\Partition0 - ok
    23:04:18.0101 1428 ============================================================
    23:04:18.0101 1428 Scan finished
    23:04:18.0101 1428 ============================================================
    23:04:18.0111 1980 Detected object count: 1
    23:04:18.0111 1980 Actual detected object count: 1
    23:04:26.0517 1980 \Device\Harddisk1\DR1\TDLFS\ph.dll - copied to quarantine
    23:04:26.0521 1980 \Device\Harddisk1\DR1\TDLFS\phx.dll - copied to quarantine
    23:04:26.0525 1980 \Device\Harddisk1\DR1\TDLFS\sub.dll - copied to quarantine
    23:04:26.0530 1980 \Device\Harddisk1\DR1\TDLFS\subx.dll - copied to quarantine
    23:04:26.0538 1980 \Device\Harddisk1\DR1\TDLFS\phd - copied to quarantine
    23:04:26.0590 1980 \Device\Harddisk1\DR1\TDLFS\phdx - copied to quarantine
    23:04:26.0591 1980 \Device\Harddisk1\DR1\TDLFS\phs - copied to quarantine
    23:04:26.0593 1980 \Device\Harddisk1\DR1\TDLFS\phdata - copied to quarantine
    23:04:26.0595 1980 \Device\Harddisk1\DR1\TDLFS\phld - copied to quarantine
    23:04:26.0598 1980 \Device\Harddisk1\DR1\TDLFS\phln - copied to quarantine
    23:04:26.0610 1980 \Device\Harddisk1\DR1\TDLFS\phlx - copied to quarantine
    23:04:26.0612 1980 \Device\Harddisk1\DR1\TDLFS\phm - copied to quarantine
    23:04:26.0613 1980 \Device\Harddisk1\DR1\TDLFS - deleted
    23:04:26.0614 1980 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
    23:04:31.0441 1064 Deinitialize success

    ----------------------

    Thank you for all the help, comp feels great!

  10. #10
    Senior Member
    Join Date
    Sep 2010
    Posts
    631

    Hi lavilev,

    Still some more to do.

    Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs
    • Right click on ComboFix.exe, click Run as Administrator & follow the prompts.


    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    Notes:

    1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Please post back with the combofix log.

    Thanks
    Member of UNITE and ASAP
