Author Topic: [Resolved] Started as Win 7 virus, morphed to redirects and desktop pop ups  (Read 7553 times)

Offline JerichoX

  • Bronze Member
  • Posts: 36
Here is what the popups look like if it helps any, I woke up just now with no web browser open to this:

http://oi43.tinypic.com/2h4i7uu.jpg

Since I don't want to click on any of those options, I close that popup using Windows Task Manager and it has to restart the toolbar to get rid of it.

I just tried Google, the redirects are still happening. I have no idea how to fix this.

Offline JerichoX

Just had another redirect. It redirected to countryhome.nl.ai (other sites it redirects to are eintervention.com and cdn.stopadwares.com) and this trojan (HEUR:Trojan.Script.Iframer) popped up from Kaspersky:

http://oi43.tinypic.com/2j0m714.jpg

So it's obvious I'm getting attacked here by something, it's just a shame nothing can find it in the system when I do a scan. Also, I tried googling again after Kaspersky detected this and I'm still getting the redirects.

Any thoughts on what I should do next?

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Download RogueKiller to your desktop
  • Close all open programs
  • For Vista or Windows 7, right click -> run as administrator, for XP simply double-click RogueKiller.exe
  • When prompted, type 1 and press Enter
  • The RKreport.txt shall be generated.
Note: If the program fails to run, don't hesitate to try several times. If several attempts still fail (it is possible), just rename it to winlogon.exe and try running it again.

Please post the contents of the RKreport.txt in your next reply. Thanks!
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline JerichoX

Thank you for the reply, here is the log:

RogueKiller V6.2.3 [01/09/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Sam [Admin rights]
Mode: Scan -- Date : 01/10/2012 15:05:57

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] bef71944b3b5de032e277fa31ccfb751
[BSP] 5ddb2240a06dd04c2f16e27a394def14 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 63 | Size: 12888 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 25173855 | Size: 106 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25382700 | Size: 147044 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 4c3bcdad733249acf5ba0fa43870e420
[BSP] 5ddb2240a06dd04c2f16e27a394def14 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 63 | Size: 12888 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25173855 | Size: 106 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25382700 | Size: 147044 Mo
3 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 312579760 | Size: 1 Mo

Finished : << RKreport[1].txt >>
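
The MBR Check section of the report above shows two views of the same disk that disagree ("User != LL2 ... KO!"). The following is an added example, not part of the original post and not RogueKiller's own code: it parses that section and lists exactly where the two views differ. The function names `parse_mbr_check` and `diff_views` are hypothetical, and the sketch assumes each `--- name ---` block is one read of the same boot sector.

```python
import re
from dataclasses import dataclass, field

# MBR Check section copied from the RKreport posted above.
SAMPLE_REPORT = """\
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] bef71944b3b5de032e277fa31ccfb751
[BSP] 5ddb2240a06dd04c2f16e27a394def14 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 63 | Size: 12888 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 25173855 | Size: 106 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25382700 | Size: 147044 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 4c3bcdad733249acf5ba0fa43870e420
[BSP] 5ddb2240a06dd04c2f16e27a394def14 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 63 | Size: 12888 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25173855 | Size: 106 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 25382700 | Size: 147044 Mo
3 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 312579760 | Size: 1 Mo
"""

VIEW_RE = re.compile(r"^--- (\w+) ---$")
HASH_RE = re.compile(r"^\[(MBR|BSP)\] ([0-9a-f]{32})")
PART_RE = re.compile(
    r"^(\d+) - \[(ACTIVE|X+)\] (\S+) \[(VISIBLE|HIDDEN!)\] "
    r"Offset \(sectors\): (\d+) \| Size: (\d+) Mo$"
)
VERDICT_RE = re.compile(r"^(\w+) (=|!=) (\w+) \.\.\. (OK|KO)!$")


@dataclass
class View:
    """One read of the boot sector as printed in the report."""
    name: str
    mbr: str = ""
    bsp: str = ""
    # start offset in sectors -> (is_active, filesystem, size as printed)
    parts: dict = field(default_factory=dict)


def parse_mbr_check(text):
    """Return ({view name: View}, [(left, right, views_match), ...])."""
    views, verdicts, cur = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if m := VIEW_RE.match(line):
            cur = views.setdefault(m[1], View(m[1]))
        elif (m := HASH_RE.match(line)) and cur:
            setattr(cur, m[1].lower(), m[2])
        elif (m := PART_RE.match(line)) and cur:
            cur.parts[int(m[5])] = (m[2] == "ACTIVE", m[3], int(m[6]))
        elif m := VERDICT_RE.match(line):
            verdicts.append((m[1], m[3], m[4] == "OK"))
    return views, verdicts


def diff_views(a, b):
    """List (kind, detail) differences between two views of the same disk."""
    findings = []
    if a.mbr != b.mbr:
        findings.append(("mbr_hash", f"{a.name}={a.mbr} {b.name}={b.mbr}"))
    if a.bsp != b.bsp:
        findings.append(("bsp_hash", f"{a.name}={a.bsp} {b.name}={b.bsp}"))
    # Partitions are keyed by start offset so renumbering does not hide a change.
    for off in sorted(set(a.parts) | set(b.parts)):
        pa, pb = a.parts.get(off), b.parts.get(off)
        if pa is None or pb is None:
            owner, part = (b.name, pb) if pa is None else (a.name, pa)
            flag = "active" if part[0] else "inactive"
            findings.append(("partition_only_in",
                             f"{owner}: offset {off}, size {part[2]}, {flag}"))
        elif pa[0] != pb[0]:
            findings.append(("active_flag",
                             f"offset {off}: {a.name}={pa[0]} {b.name}={pb[0]}"))
    return findings


if __name__ == "__main__":
    views, verdicts = parse_mbr_check(SAMPLE_REPORT)
    for left, right, same in verdicts:
        print(f"{left} vs {right}: {'match' if same else 'MISMATCH'}")
    for kind, detail in diff_views(views["User"], views["LL2"]):
        print(f"{kind}: {detail}")
```

On this report the differences are the MBR hash, the active flag on the partition at offset 25173855, and a 1 Mo active hidden partition at offset 312579760 that appears only in the LL2 view.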

Offline 1972vet

Download aswMBR from Here
Allow the software to update if prompted.

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

  • Once the scan finishes click Save log to save the log to your Desktop.
  • Copy and paste the contents of aswMBR.txt back here for review
  • You will also notice another file created on the desktop named MBR.dat. Right-click that file and select Send To and then Compressed (zipped) file. Attach that zipped file to your next reply as well.

Offline JerichoX

I seem to have a problem running it. I double click the file then click on Run, and then nothing loads after, any advice?

Offline 1972vet

Let's try a different tool...
  • Please download the Bit Defender Removal Tool for TDSS
    NOTE: You will need to download the {ENTER 32 or 64 BIT HERE} version from the links halfway down the page
  • Please save the BDRemovalTool_TDSS-Clones_x64.exe to the desktop of the infected computer
  • Disable all Active Security Programs that are currently running on your system
  • Then please double click the BDRemovalTool icon on the desktop
  • Once the tool has opened, please click the green "Start Scan" button in the top right corner
  • Once the scan has completed, if you are presented with the below screen, please let me know:
  • If the infection we are looking for is found, you will be presented with a prompt to reboot the system, please do so:
  • Once the system has rebooted, please rerun Bit Defender Removal Tool and let me know if the tool now deems the system as being clean.
NOTE: If the tool still reports that the system is infected after the first removal attempt, please "Do Not" try to clean it again. Please just report back letting me know that the removal attempt was unsuccessful.

Offline JerichoX

Sorry about this, but this program isn't loading either. Could this have something to do with the trojan or just with my computer being a piece of junk in general?

Offline 1972vet

It's entirely likely that it's all related to the infection. This infection, lately, has been changing and causing more problems. We can throw stuff at it till we find something that works for your situation...I hope you don't mind if it seems like a hit and miss type of operation, but I'd like to try different tools as we go to determine what tools are now being discovered and blocked by this thing. Not all of these infections are behaving the same way so...please bear with me:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application. Click "Change parameters". Under Additional options, check the box next to both options, "Verify Driver Digital Signature" and "Detect TDLFS file system", and click the OK button.
  • Click the Start scan button.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • You may be prompted to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file back here on your next reply.
  • ...otherwise, if a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". If this was the case, then we need to see that log.

Offline JerichoX

I'm completely fine with you suggesting as many programs as possible because with you helping me on this I actually have hope that this can be fixed. Here is the log, it seemed to have found something, thanks!

15:58:16.0989 2344   TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
15:58:17.0442 2344   ============================================================
15:58:17.0442 2344   Current date / time: 2012/01/10 15:58:17.0442
15:58:17.0442 2344   SystemInfo:
15:58:17.0442 2344   
15:58:17.0442 2344   OS Version: 6.1.7601 ServicePack: 1.0
15:58:17.0442 2344   Product type: Workstation
15:58:17.0442 2344   ComputerName: SAM-PC
15:58:17.0442 2344   UserName: Sam
15:58:17.0442 2344   Windows directory: C:\Windows
15:58:17.0442 2344   System windows directory: C:\Windows
15:58:17.0442 2344   Running under WOW64
15:58:17.0442 2344   Processor architecture: Intel x64
15:58:17.0442 2344   Number of processors: 1
15:58:17.0442 2344   Page size: 0x1000
15:58:17.0442 2344   Boot type: Normal boot
15:58:17.0442 2344   ============================================================
15:58:19.0329 2344   Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000, SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
15:58:19.0407 2344   Initialize success
15:59:13.0758 3188   ============================================================
15:59:13.0758 3188   Scan started
15:59:13.0758 3188   Mode: Manual; SigCheck; TDLFS;
15:59:13.0758 3188   ============================================================
15:59:39.0919 3188   RasAcd - ok
15:59:39.0966 3188   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:59:40.0028 3188   RasAgileVpn - ok
15:59:40.0090 3188   Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:40.0184 3188   Rasl2tp - ok
15:59:40.0231 3188   RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:40.0387 3188   RasPppoe - ok
15:59:40.0449 3188   RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:59:40.0543 3188   RasSstp - ok
15:59:40.0590 3188   rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:59:40.0683 3188   rdbss - ok
15:59:40.0714 3188   rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:59:40.0777 3188   rdpbus - ok
15:59:40.0808 3188   RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:40.0902 3188   RDPCDD - ok
15:59:40.0948 3188   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:59:41.0026 3188   RDPENCDD - ok
15:59:41.0058 3188   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:59:41.0120 3188   RDPREFMP - ok
15:59:41.0182 3188   RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:59:41.0260 3188   RDPWD - ok
15:59:41.0370 3188   rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:59:41.0448 3188   rdyboost - ok
15:59:41.0541 3188   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:59:41.0635 3188   rspndr - ok
15:59:41.0728 3188   RSUSBSTOR       (b1d04ed92d148b54169499d9568a3c55) C:\Windows\system32\Drivers\RtsUStor.sys
15:59:41.0853 3188   RSUSBSTOR - ok
15:59:41.0931 3188   RtsUIR - ok
15:59:42.0072 3188   sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:59:42.0087 3188   sbp2port - ok
15:59:42.0150 3188   scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:59:42.0228 3188   scfilter - ok
15:59:42.0306 3188   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:59:42.0368 3188   secdrv - ok
15:59:42.0415 3188   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:59:42.0462 3188   Serenum - ok
15:59:42.0524 3188   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:59:42.0540 3188   Serial - ok
15:59:42.0586 3188   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:59:42.0649 3188   sermouse - ok
15:59:42.0711 3188   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:59:42.0805 3188   sffdisk - ok
15:59:42.0867 3188   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:59:42.0930 3188   sffp_mmc - ok
15:59:42.0961 3188   sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:59:43.0023 3188   sffp_sd - ok
15:59:43.0070 3188   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:59:43.0117 3188   sfloppy - ok
15:59:43.0179 3188   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:59:43.0210 3188   SiSRaid2 - ok
15:59:43.0242 3188   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:59:43.0257 3188   SiSRaid4 - ok
15:59:43.0304 3188   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:59:43.0366 3188   Smb - ok
15:59:43.0429 3188   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:59:43.0444 3188   spldr - ok
15:59:43.0522 3188   srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:59:43.0632 3188   srv - ok
15:59:43.0694 3188   srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:59:43.0741 3188   srv2 - ok
15:59:43.0772 3188   srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:59:43.0834 3188   srvnet - ok
15:59:43.0912 3188   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:59:43.0928 3188   stexstor - ok
15:59:43.0990 3188   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:59:44.0022 3188   swenum - ok
15:59:44.0146 3188   Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:59:44.0302 3188   Tcpip - ok
15:59:44.0443 3188   TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:59:44.0505 3188   TCPIP6 - ok
15:59:44.0552 3188   tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:59:44.0646 3188   tcpipreg - ok
15:59:44.0708 3188   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:59:44.0786 3188   TDPIPE - ok
15:59:44.0833 3188   TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:59:44.0911 3188   TDTCP - ok
15:59:44.0973 3188   tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:59:45.0051 3188   tdx - ok
15:59:45.0098 3188   TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:59:45.0129 3188   TermDD - ok
15:59:45.0223 3188   tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:59:45.0316 3188   tssecsrv - ok
15:59:45.0410 3188   TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:59:45.0519 3188   TsUsbFlt - ok
15:59:45.0582 3188   tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:59:45.0675 3188   tunnel - ok
15:59:45.0722 3188   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:59:45.0738 3188   uagp35 - ok
15:59:45.0784 3188   UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
15:59:45.0800 3188   UBHelper - ok
15:59:45.0862 3188   udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:59:45.0940 3188   udfs - ok
15:59:46.0018 3188   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:59:46.0050 3188   uliagpkx - ok
15:59:46.0081 3188   umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:59:46.0143 3188   umbus - ok
15:59:46.0190 3188   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:59:46.0237 3188   UmPass - ok
15:59:46.0330 3188   usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:59:46.0424 3188   usbaudio - ok
15:59:46.0471 3188   usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:59:46.0533 3188   usbccgp - ok
15:59:46.0549 3188   USBCCID - ok
15:59:46.0596 3188   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:59:46.0658 3188   usbcir - ok
15:59:46.0705 3188   usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:59:46.0752 3188   usbehci - ok
15:59:46.0798 3188   usbfilter       (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
15:59:46.0830 3188   usbfilter - ok
15:59:46.0876 3188   usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:59:46.0954 3188   usbhub - ok
15:59:47.0001 3188   usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:59:47.0048 3188   usbohci - ok
15:59:47.0110 3188   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:59:47.0157 3188   usbprint - ok
15:59:47.0204 3188   USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:59:47.0282 3188   USBSTOR - ok
15:59:47.0313 3188   usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:59:47.0360 3188   usbuhci - ok
15:59:47.0438 3188   usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:59:47.0485 3188   usbvideo - ok
15:59:47.0532 3188   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:59:47.0547 3188   vdrvroot - ok
15:59:47.0578 3188   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:59:47.0625 3188   vga - ok
15:59:47.0672 3188   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:59:47.0734 3188   VgaSave - ok
15:59:48.0000 3188   vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:59:48.0062 3188   vhdmp - ok
15:59:48.0109 3188   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:59:48.0124 3188   viaide - ok
15:59:48.0171 3188   volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:59:48.0187 3188   volmgr - ok
15:59:48.0249 3188   volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:59:48.0280 3188   volmgrx - ok
15:59:48.0343 3188   volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:59:48.0358 3188   volsnap - ok
15:59:48.0421 3188   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:59:48.0436 3188   vsmraid - ok
15:59:48.0483 3188   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:59:48.0561 3188   vwifibus - ok
15:59:48.0592 3188   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:59:48.0670 3188   vwififlt - ok
15:59:48.0811 3188   VX3000          (c366ae91d2cc2c1c25380061d235c36b) C:\Windows\system32\DRIVERS\VX3000.sys
15:59:48.0920 3188   VX3000 - ok
15:59:48.0982 3188   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:59:49.0014 3188   WacomPen - ok
15:59:49.0092 3188   WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:59:49.0154 3188   WANARP - ok
15:59:49.0185 3188   Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:59:49.0232 3188   Wanarpv6 - ok
15:59:49.0326 3188   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:59:49.0341 3188   Wd - ok
15:59:49.0388 3188   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:59:49.0450 3188   Wdf01000 - ok
15:59:49.0528 3188   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:59:49.0606 3188   WfpLwf - ok
15:59:49.0622 3188   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:59:49.0669 3188   WIMMount - ok
15:59:49.0762 3188   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:59:49.0809 3188   WmiAcpi - ok
15:59:49.0872 3188   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:59:49.0996 3188   ws2ifsl - ok
15:59:50.0090 3188   WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:59:50.0152 3188   WudfPf - ok
15:59:50.0215 3188   WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:59:50.0293 3188   WUDFRd - ok
15:59:50.0386 3188   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:59:50.0480 3188   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:59:50.0480 3188   \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:59:50.0558 3188   \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:59:50.0558 3188   \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:59:50.0620 3188   Boot (0x1200)   (4ae9670f027d0a89e0c7489090193fcf) \Device\Harddisk0\DR0\Partition0
15:59:50.0636 3188   \Device\Harddisk0\DR0\Partition0 - ok
15:59:50.0652 3188   Boot (0x1200)   (9d87a2e1b9d5058b8bf2c0389474ae0b) \Device\Harddisk0\DR0\Partition1
15:59:50.0652 3188   \Device\Harddisk0\DR0\Partition1 - ok
15:59:50.0652 3188   ============================================================
15:59:50.0652 3188   Scan finished
15:59:50.0652 3188   ============================================================
15:59:50.0683 1920   Detected object count: 2
15:59:50.0683 1920   Actual detected object count: 2
16:00:27.0141 1920   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
16:00:27.0141 1920   \Device\Harddisk0\DR0 - ok
16:00:27.0141 1920   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
16:00:27.0141 1920   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:00:27.0141 1920   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:00:34.0146 3832   Deinitialize success

Offline 1972vet

Please reboot the system now and run TDSSKiller again. Post back THAT log. Thanks!

Offline JerichoX

Okay, I will do that right now. On a side note, after I ran that scan I loaded up the other programs you suggested to me to see if they would load up. aswMBR loaded right away (I didn't start a scan), but BDRemoval said that it could not load trufosalt.sys, so it looks like there's hope after all.

Offline JerichoX

Here ya go:

16:18:00.0256 3848   TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
16:18:02.0128 3848   ============================================================
16:18:02.0128 3848   Current date / time: 2012/01/10 16:18:02.0128
16:18:02.0128 3848   SystemInfo:
16:18:02.0128 3848   
16:18:02.0128 3848   OS Version: 6.1.7601 ServicePack: 1.0
16:18:02.0128 3848   Product type: Workstation
16:18:02.0128 3848   ComputerName: SAM-PC
16:18:02.0128 3848   UserName: Sam
16:18:02.0128 3848   Windows directory: C:\Windows
16:18:02.0128 3848   System windows directory: C:\Windows
16:18:02.0128 3848   Running under WOW64
16:18:02.0128 3848   Processor architecture: Intel x64
16:18:02.0128 3848   Number of processors: 1
16:18:02.0128 3848   Page size: 0x1000
16:18:02.0128 3848   Boot type: Normal boot
16:18:02.0128 3848   ============================================================
16:18:04.0343 3848   Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000, SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
16:18:04.0390 3848   Initialize success
16:18:11.0878 3896   ============================================================
16:18:11.0878 3896   Scan started
16:18:11.0878 3896   Mode: Manual; SigCheck; TDLFS;
16:18:11.0878 3896   ============================================================
16:18:27.0634 3896   mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:18:27.0665 3896   mpio - ok
16:18:27.0697 3896   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:18:27.0759 3896   mpsdrv - ok
16:18:27.0821 3896   MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:18:27.0931 3896   MRxDAV - ok
16:18:27.0962 3896   mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:28.0040 3896   mrxsmb - ok
16:18:28.0087 3896   mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:28.0196 3896   mrxsmb10 - ok
16:18:28.0243 3896   mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:28.0274 3896   mrxsmb20 - ok
16:18:28.0305 3896   msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:18:28.0321 3896   msahci - ok
16:18:28.0414 3896   msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:18:28.0430 3896   msdsm - ok
16:18:28.0508 3896   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:18:28.0555 3896   Msfs - ok
16:18:28.0601 3896   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:18:28.0679 3896   mshidkmdf - ok
16:18:28.0711 3896   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:18:28.0726 3896   msisadrv - ok
16:18:28.0789 3896   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:18:28.0867 3896   MSKSSRV - ok
16:18:28.0913 3896   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:28.0976 3896   MSPCLOCK - ok
16:18:29.0023 3896   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:18:29.0085 3896   MSPQM - ok
16:18:29.0163 3896   MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:18:29.0194 3896   MsRPC - ok
16:18:29.0225 3896   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:18:29.0241 3896   mssmbios - ok
16:18:29.0335 3896   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:18:29.0413 3896   MSTEE - ok
16:18:29.0444 3896   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:18:29.0506 3896   MTConfig - ok
16:18:29.0553 3896   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:18:29.0569 3896   Mup - ok
16:18:29.0631 3896   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:18:29.0678 3896   NativeWifiP - ok
16:18:29.0756 3896   NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:18:29.0818 3896   NDIS - ok
16:18:29.0865 3896   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:18:29.0912 3896   NdisCap - ok
16:18:29.0943 3896   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:30.0021 3896   NdisTapi - ok
16:18:30.0099 3896   Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:30.0193 3896   Ndisuio - ok
16:18:30.0271 3896   NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:30.0380 3896   NdisWan - ok
16:18:30.0427 3896   NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:18:30.0536 3896   NDProxy - ok
16:18:30.0614 3896   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:18:30.0676 3896   NetBIOS - ok
16:18:30.0754 3896   NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:18:30.0863 3896   NetBT - ok
16:18:31.0129 3896   netr7364        (621559a521682a888d83db34c6ec0bf8) C:\Windows\system32\DRIVERS\netr7364.sys
16:18:31.0191 3896   netr7364 - ok
16:18:31.0300 3896   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:18:31.0316 3896   nfrd960 - ok
16:18:31.0534 3896   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:18:31.0659 3896   Npfs - ok
16:18:31.0909 3896   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:18:32.0002 3896   nsiproxy - ok
16:18:32.0127 3896   Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:18:32.0221 3896   Ntfs - ok
16:18:32.0470 3896   NTIDrvr         (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
16:18:32.0501 3896   NTIDrvr - ok
16:18:32.0564 3896   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:18:32.0673 3896   Null - ok
16:18:32.0798 3896   nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:18:32.0845 3896   nvraid - ok
16:18:32.0907 3896   nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:18:32.0954 3896   nvstor - ok
16:18:33.0016 3896   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:18:33.0032 3896   nv_agp - ok
16:18:33.0063 3896   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:18:33.0157 3896   ohci1394 - ok
16:18:33.0843 3896   Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:18:33.0937 3896   Parport - ok
16:18:33.0999 3896   partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:18:34.0046 3896   partmgr - ok
16:18:34.0108 3896   pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:18:34.0280 3896   pci - ok
16:18:34.0420 3896   pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:18:34.0467 3896   pciide - ok
16:18:34.0576 3896   pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:18:34.0592 3896   pcmcia - ok
16:18:34.0685 3896   pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:18:34.0701 3896   pcw - ok
16:18:34.0748 3896   PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:18:34.0857 3896   PEAUTH - ok
16:18:35.0013 3896   PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:18:35.0091 3896   PptpMiniport - ok
16:18:35.0231 3896   Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:18:35.0309 3896   Processor - ok
16:18:35.0403 3896   Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:18:35.0481 3896   Psched - ok
16:18:35.0575 3896   ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:18:35.0653 3896   ql2300 - ok
16:18:35.0684 3896   ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:18:35.0699 3896   ql40xx - ok
16:18:35.0731 3896   QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:18:35.0777 3896   QWAVEdrv - ok
16:18:35.0809 3896   RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:18:35.0871 3896   RasAcd - ok
16:18:35.0918 3896   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:18:35.0965 3896   RasAgileVpn - ok
16:18:36.0027 3896   Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:18:36.0105 3896   Rasl2tp - ok
16:18:36.0152 3896   RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:18:36.0230 3896   RasPppoe - ok
16:18:36.0277 3896   RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:18:36.0355 3896   RasSstp - ok
16:18:36.0401 3896   rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:18:36.0479 3896   rdbss - ok
16:18:36.0526 3896   rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:18:36.0557 3896   rdpbus - ok
16:18:36.0589 3896   RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:18:36.0667 3896   RDPCDD - ok
16:18:36.0713 3896   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:18:36.0791 3896   RDPENCDD - ok
16:18:36.0807 3896   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:18:36.0869 3896   RDPREFMP - ok
16:18:36.0916 3896   RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
16:18:36.0979 3896   RDPWD - ok
16:18:37.0041 3896   rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:18:37.0119 3896   rdyboost - ok
16:18:37.0353 3896   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:18:37.0587 3896   rspndr - ok
16:18:37.0790 3896   RSUSBSTOR       (b1d04ed92d148b54169499d9568a3c55) C:\Windows\system32\Drivers\RtsUStor.sys
16:18:38.0024 3896   RSUSBSTOR - ok
16:18:38.0164 3896   RtsUIR - ok
16:18:38.0242 3896   sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:18:38.0258 3896   sbp2port - ok
16:18:38.0320 3896   scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:18:38.0383 3896   scfilter - ok
16:18:38.0461 3896   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:18:38.0507 3896   secdrv - ok
16:18:38.0554 3896   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:18:38.0601 3896   Serenum - ok
16:18:38.0663 3896   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:18:38.0695 3896   Serial - ok
16:18:38.0741 3896   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:18:38.0788 3896   sermouse - ok
16:18:38.0866 3896   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:18:38.0929 3896   sffdisk - ok
16:18:38.0944 3896   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:18:38.0991 3896   sffp_mmc - ok
16:18:39.0022 3896   sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:18:39.0069 3896   sffp_sd - ok
16:18:39.0116 3896   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:18:39.0225 3896   sfloppy - ok
16:18:39.0287 3896   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:18:39.0365 3896   SiSRaid2 - ok
16:18:39.0412 3896   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:18:39.0428 3896   SiSRaid4 - ok
16:18:39.0459 3896   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:18:39.0537 3896   Smb - ok
16:18:39.0599 3896   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:18:39.0615 3896   spldr - ok
16:18:39.0677 3896   srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:18:39.0755 3896   srv - ok
16:18:39.0818 3896   srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:18:39.0849 3896   srv2 - ok
16:18:39.0911 3896   srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:18:39.0958 3896   srvnet - ok
16:18:40.0036 3896   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:18:40.0052 3896   stexstor - ok
16:18:40.0114 3896   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:18:40.0130 3896   swenum - ok
16:18:40.0255 3896   Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:18:40.0395 3896   Tcpip - ok
16:18:40.0535 3896   TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:18:40.0582 3896   TCPIP6 - ok
16:18:40.0645 3896   tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:18:40.0738 3896   tcpipreg - ok
16:18:40.0816 3896   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:18:40.0879 3896   TDPIPE - ok
16:18:40.0910 3896   TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:18:40.0972 3896   TDTCP - ok
16:18:41.0019 3896   tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:18:41.0081 3896   tdx - ok
16:18:41.0128 3896   TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:18:41.0144 3896   TermDD - ok
16:18:41.0222 3896   tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:18:41.0284 3896   tssecsrv - ok
16:18:41.0378 3896   TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:18:41.0456 3896   TsUsbFlt - ok
16:18:41.0549 3896   tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:18:41.0627 3896   tunnel - ok
16:18:41.0690 3896   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:18:41.0705 3896   uagp35 - ok
16:18:41.0737 3896   UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
16:18:41.0752 3896   UBHelper - ok
16:18:41.0815 3896   udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:18:41.0924 3896   udfs - ok
16:18:42.0002 3896   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:18:42.0049 3896   uliagpkx - ok
16:18:42.0095 3896   umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:18:42.0142 3896   umbus - ok
16:18:42.0189 3896   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:18:42.0236 3896   UmPass - ok
16:18:42.0314 3896   usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:18:42.0361 3896   usbaudio - ok
16:18:42.0407 3896   usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:18:42.0485 3896   usbccgp - ok
16:18:42.0532 3896   USBCCID - ok
16:18:42.0579 3896   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:18:42.0610 3896   usbcir - ok
16:18:42.0673 3896   usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:18:42.0704 3896   usbehci - ok
16:18:42.0766 3896   usbfilter       (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
16:18:42.0782 3896   usbfilter - ok
16:18:42.0829 3896   usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:18:42.0875 3896   usbhub - ok
16:18:42.0938 3896   usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:18:42.0969 3896   usbohci - ok
16:18:43.0031 3896   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:18:43.0078 3896   usbprint - ok
16:18:43.0125 3896   USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:18:43.0187 3896   USBSTOR - ok
16:18:43.0219 3896   usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:18:43.0265 3896   usbuhci - ok
16:18:43.0343 3896   usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:18:43.0406 3896   usbvideo - ok
16:18:43.0468 3896   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:18:43.0484 3896   vdrvroot - ok
16:18:43.0515 3896   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:18:43.0546 3896   vga - ok
16:18:43.0577 3896   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:18:43.0624 3896   VgaSave - ok
16:18:43.0655 3896   vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:18:43.0687 3896   vhdmp - ok
16:18:43.0702 3896   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:18:43.0718 3896   viaide - ok
16:18:43.0749 3896   volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:18:43.0765 3896   volmgr - ok
16:18:43.0827 3896   volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:18:43.0843 3896   volmgrx - ok
16:18:43.0905 3896   volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:18:43.0921 3896   volsnap - ok
16:18:43.0967 3896   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:18:43.0999 3896   vsmraid - ok
16:18:44.0030 3896   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:18:44.0077 3896   vwifibus - ok
16:18:44.0123 3896   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:18:44.0155 3896   vwififlt - ok
16:18:44.0264 3896   VX3000          (c366ae91d2cc2c1c25380061d235c36b) C:\Windows\system32\DRIVERS\VX3000.sys
16:18:44.0357 3896   VX3000 - ok
16:18:44.0404 3896   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:18:44.0451 3896   WacomPen - ok
16:18:44.0513 3896   WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:44.0591 3896   WANARP - ok
16:18:44.0654 3896   Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:44.0701 3896   Wanarpv6 - ok
16:18:44.0779 3896   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:18:44.0794 3896   Wd - ok
16:18:44.0825 3896   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:18:44.0872 3896   Wdf01000 - ok
16:18:44.0950 3896   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:18:44.0997 3896   WfpLwf - ok
16:18:45.0028 3896   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:18:45.0044 3896   WIMMount - ok
16:18:45.0169 3896   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:18:45.0200 3896   WmiAcpi - ok
16:18:45.0262 3896   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:18:45.0340 3896   ws2ifsl - ok
16:18:45.0418 3896   WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:18:45.0465 3896   WudfPf - ok
16:18:45.0527 3896   WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:18:45.0590 3896   WUDFRd - ok
16:18:45.0683 3896   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:18:45.0871 3896   \Device\Harddisk0\DR0 - ok
16:18:45.0871 3896   Boot (0x1200)   (4ae9670f027d0a89e0c7489090193fcf) \Device\Harddisk0\DR0\Partition0
16:18:45.0871 3896   \Device\Harddisk0\DR0\Partition0 - ok
16:18:45.0917 3896   Boot (0x1200)   (9d87a2e1b9d5058b8bf2c0389474ae0b) \Device\Harddisk0\DR0\Partition1
16:18:45.0917 3896   \Device\Harddisk0\DR0\Partition1 - ok
16:18:45.0917 3896   ============================================================
16:18:45.0917 3896   Scan finished
16:18:45.0917 3896   ============================================================
16:18:45.0949 3888   Detected object count: 0
16:18:45.0949 3888   Actual detected object count: 0

Offline 1972vet

Thanks! Please run the aswMBR scan now and post the results.

Offline JerichoX

Looks like it found something

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-10 16:37:52
-----------------------------
16:37:52.931    OS Version: Windows x64 6.1.7601 Service Pack 1
16:37:52.931    Number of processors: 1 586 0x7C02
16:37:52.931    ComputerName: SAM-PC  UserName: Sam
16:37:53.913    Initialize success
16:37:59.732    AVAST engine defs: 12011001
16:38:02.649    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:38:02.649    Disk 0 Vendor: WDC_WD1600BEVT-22ZCT0 11.01A11 Size: 152627MB BusType: 11
16:38:02.759    Disk 0 MBR read successfully
16:38:02.759    Disk 0 MBR scan
16:38:02.759    Disk 0 Windows 7 default MBR code
16:38:02.759    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12291 MB offset 63
16:38:02.790    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          101 MB offset 25173855
16:38:02.805    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       140232 MB offset 25382700
16:38:02.821    Service scanning
16:38:03.757    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
16:38:03.773    Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
16:38:03.773    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
16:38:03.773    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
16:38:04.553    Modules scanning
16:38:04.568    Disk 0 trace - called modules:
16:38:04.584    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:38:04.599    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003115790]
16:38:04.599    3 CLASSPNP.SYS[fffff880021ce43f] -> nt!IofCallDriver -> [0xfffffa80030a2650]
16:38:04.615    5 ACPI.sys[fffff88000e527a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800305f680]
16:38:05.691    AVAST engine scan C:\Windows
16:38:07.033    File: C:\Windows\PEV.exe  **INFECTED** Win32:Rootkit-gen [Rtk]
16:38:08.843    AVAST engine scan C:\Windows\system32
16:40:22.566    AVAST engine scan C:\Windows\system32\drivers
16:40:36.372    AVAST engine scan C:\Users\Sam
16:42:34.527    AVAST engine scan C:\ProgramData
16:43:47.394    Scan finished successfully
16:44:38.110    Disk 0 MBR has been saved successfully to "C:\Users\Sam\Desktop\MBR.dat"
16:44:38.126    The log file has been saved successfully to "C:\Users\Sam\Desktop\aswMBR.txt"