
Google Redirect Virus


  • This topic is locked
13 replies to this topic

#1 xknightx

xknightx

    New Member

  • Members
  • 7 posts

Posted 07 March 2012 - 03:31 PM

I go to Google and attempt to search a topic. When I click on a link I'm constantly being redirected to other sites such as "askthecrew" and others. I've run Malwarebytes and the issue remains. Thank you in advance for your help.


-Juan Briones

Attached File  DDS.txt   17.24KB   6 downloads

Attached File  Attach.txt   9.67KB   5 downloads

#2 Maniac

Maniac

    Forum Deity

  • Experts
  • 21,410 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 07 March 2012 - 03:44 PM

Hello xknightx and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


In your next post, please include:

  • TDSSKiller log
  • ComboFix log

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here

#3 xknightx

xknightx

    New Member

  • Members
  • 7 posts

Posted 07 March 2012 - 05:24 PM

ComboFix 12-03-07.05 - WONTON 03/07/2012 16:50:50.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.595 [GMT -5:00]
Running from: c:\users\WONTON\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\root
c:\users\WONTON\AppData\Roaming\2K Sports\2K Sports\xiuzb.dll
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))))
.
.
2012-03-07 17:17 . 2012-03-07 17:17 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-03-07 04:47 . 2012-03-07 04:47 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0C23402-23B9-446E-821F-C28ADBABD8A9}\offreg.dll
2012-03-06 14:15 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0C23402-23B9-446E-821F-C28ADBABD8A9}\mpengine.dll
2012-02-29 21:39 . 2012-02-29 21:39 -------- d-----w- c:\users\WONTON\AppData\Roaming\Red Kawa
2012-02-26 13:20 . 2012-02-26 13:20 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-02-26 13:20 . 2012-02-26 13:20 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-02-26 13:20 . 2012-02-26 13:20 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-02-26 13:20 . 2012-02-26 13:20 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-02-16 19:17 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 19:17 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-16 19:17 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 19:17 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-16 19:17 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 19:17 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 19:17 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 19:17 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 17:16 . 2011-05-30 16:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-23 14:18 . 2011-05-30 16:08 279656 ------w- c:\windows\system32\MpSigStub.exe
2011-12-14 18:48 . 2011-12-14 18:48 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-12-14 18:48 . 2011-12-14 18:48 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-10 20:24 . 2011-07-19 14:08 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-14 137536]
"Akamai NetSession Interface"="c:\users\WONTON\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe"
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
R3 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2010-02-05 98208]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-12 19968]
S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacom\amd64\novacomd.exe [2010-01-12 46080]
S2 SCManager;SafeConnect Manager;c:\program files (x86)\SafeConnect\scManager.sys servicestart [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1631037071-2651441403-472913841-1002Core.job
- c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-14 00:10]
.
2012-03-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1631037071-2651441403-472913841-1002UA.job
- c:\users\WONTON\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-14 00:10]
.
2012-02-22 c:\windows\Tasks\HPCeeScheduleForWONTON.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-05-30 6489704]
"RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2010-02-05 995840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
FF - ProfilePath - c:\users\WONTON\AppData\Roaming\Mozilla\Firefox\Profiles\gqwtsqxc.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-HP webOS® Doctor™ Build Sprint.275.271, webOS 1.4.5 - c:\windows\system32\javaws.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\SafeConnect\scManager.sys
.
**************************************************************************
.
Completion time: 2012-03-07 17:16:58 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-07 22:16
.
Pre-Run: 80,117,207,040 bytes free
Post-Run: 80,828,416,000 bytes free
.
- - End Of File - - 12D568554FC1A0CFE11A5D5DA5C49920

#4 xknightx

xknightx

    New Member

  • Members
  • 7 posts

Posted 07 March 2012 - 05:26 PM

16:39:57.0877 4884 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
16:39:58.0235 4884 ============================================================
16:39:58.0235 4884 Current date / time: 2012/03/07 16:39:58.0235
16:39:58.0235 4884 SystemInfo:
16:39:58.0235 4884
16:39:58.0235 4884 OS Version: 6.1.7601 ServicePack: 1.0
16:39:58.0235 4884 Product type: Workstation
16:39:58.0235 4884 ComputerName: JUANBRIONES-PC
16:39:58.0235 4884 UserName: WONTON
16:39:58.0235 4884 Windows directory: C:\Windows
16:39:58.0235 4884 System windows directory: C:\Windows
16:39:58.0235 4884 Running under WOW64
16:39:58.0235 4884 Processor architecture: Intel x64
16:39:58.0235 4884 Number of processors: 1
16:39:58.0235 4884 Page size: 0x1000
16:39:58.0235 4884 Boot type: Normal boot
16:39:58.0235 4884 ============================================================
16:40:00.0622 4884 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:40:00.0622 4884 \Device\Harddisk0\DR0:
16:40:00.0622 4884 MBR used
16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B608000
16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B66C000, BlocksNum 0x1B25800
16:40:00.0622 4884 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
16:40:00.0716 4884 Initialize success
16:40:00.0716 4884 ============================================================
16:40:14.0725 2840 ============================================================
16:40:14.0725 2840 Scan started
16:40:14.0725 2840 Mode: Manual; SigCheck; TDLFS;
16:40:14.0725 2840 ============================================================
16:40:16.0503 2840 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:40:16.0675 2840 1394ohci - ok
16:40:16.0815 2840 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:40:16.0831 2840 ACPI - ok
16:40:16.0893 2840 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:40:16.0987 2840 AcpiPmi - ok
16:40:17.0111 2840 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:40:17.0143 2840 adp94xx - ok
16:40:17.0174 2840 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:40:17.0189 2840 adpahci - ok
16:40:17.0236 2840 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:40:17.0252 2840 adpu320 - ok
16:40:17.0408 2840 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:40:17.0486 2840 AFD - ok
16:40:17.0595 2840 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:40:17.0611 2840 agp440 - ok
16:40:18.0001 2840 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:40:18.0016 2840 aliide - ok
16:40:18.0157 2840 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:40:18.0157 2840 amdide - ok
16:40:18.0219 2840 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:40:18.0297 2840 AmdK8 - ok
16:40:18.0578 2840 amdkmdag (2c9c4824664c61351ff1e0169262d026) C:\Windows\system32\DRIVERS\atikmdag.sys
16:40:18.0890 2840 amdkmdag - ok
16:40:19.0030 2840 amdkmdap (ef7382689d3b17ac2983202e7a40ab45) C:\Windows\system32\DRIVERS\atikmpag.sys
16:40:19.0093 2840 amdkmdap - ok
16:40:19.0155 2840 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:40:19.0202 2840 AmdPPM - ok
16:40:19.0311 2840 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys
16:40:19.0342 2840 amdsata - ok
16:40:19.0405 2840 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:40:19.0420 2840 amdsbs - ok
16:40:19.0451 2840 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys
16:40:19.0467 2840 amdxata - ok
16:40:19.0545 2840 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:40:19.0748 2840 AppID - ok
16:40:19.0873 2840 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:40:19.0888 2840 arc - ok
16:40:19.0935 2840 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:40:19.0951 2840 arcsas - ok
16:40:20.0060 2840 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
16:40:20.0075 2840 aswFsBlk - ok
16:40:20.0200 2840 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
16:40:20.0216 2840 aswMonFlt - ok
16:40:20.0231 2840 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
16:40:20.0247 2840 aswRdr - ok
16:40:20.0278 2840 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
16:40:20.0294 2840 aswSnx - ok
16:40:20.0325 2840 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
16:40:20.0341 2840 aswSP - ok
16:40:20.0372 2840 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
16:40:20.0387 2840 aswTdi - ok
16:40:20.0434 2840 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:40:20.0606 2840 AsyncMac - ok
16:40:20.0715 2840 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:40:20.0731 2840 atapi - ok
16:40:20.0855 2840 athr (40734f3a5eec4c4ac6a1faf10b293714) C:\Windows\system32\DRIVERS\athrx.sys
16:40:20.0980 2840 athr - ok
16:40:21.0089 2840 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:40:21.0105 2840 AtiPcie - ok
16:40:21.0245 2840 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:40:21.0292 2840 b06bdrv - ok
16:40:21.0417 2840 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:40:21.0495 2840 b57nd60a - ok
16:40:21.0542 2840 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:40:21.0620 2840 Beep - ok
16:40:21.0807 2840 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:40:21.0838 2840 blbdrive - ok
16:40:21.0901 2840 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:40:21.0979 2840 bowser - ok
16:40:22.0103 2840 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:40:22.0181 2840 BrFiltLo - ok
16:40:22.0291 2840 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:40:22.0306 2840 BrFiltUp - ok
16:40:22.0337 2840 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:40:22.0400 2840 Brserid - ok
16:40:22.0493 2840 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:40:22.0540 2840 BrSerWdm - ok
16:40:22.0587 2840 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:40:22.0618 2840 BrUsbMdm - ok
16:40:22.0649 2840 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:40:22.0681 2840 BrUsbSer - ok
16:40:22.0743 2840 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:40:22.0774 2840 BTHMODEM - ok
16:40:22.0915 2840 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:40:22.0977 2840 cdfs - ok
16:40:23.0164 2840 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:40:23.0227 2840 cdrom - ok
16:40:23.0383 2840 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:40:23.0429 2840 circlass - ok
16:40:23.0476 2840 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:40:23.0507 2840 CLFS - ok
16:40:23.0601 2840 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:40:23.0632 2840 CmBatt - ok
16:40:23.0726 2840 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:40:23.0741 2840 cmdide - ok
16:40:23.0804 2840 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:40:23.0835 2840 CNG - ok
16:40:23.0975 2840 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:40:23.0991 2840 Compbatt - ok
16:40:24.0053 2840 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:40:24.0100 2840 CompositeBus - ok
16:40:24.0241 2840 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:40:24.0256 2840 crcdisk - ok
16:40:24.0397 2840 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:40:24.0459 2840 DfsC - ok
16:40:24.0490 2840 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:40:24.0553 2840 discache - ok
16:40:24.0693 2840 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:40:24.0709 2840 Disk - ok
16:40:24.0802 2840 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:40:24.0833 2840 drmkaud - ok
16:40:25.0099 2840 dump_wmimmc - ok
16:40:25.0239 2840 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:40:25.0270 2840 DXGKrnl - ok
16:40:25.0379 2840 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:40:25.0504 2840 ebdrv - ok
16:40:25.0660 2840 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:40:25.0691 2840 elxstor - ok
16:40:25.0738 2840 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:40:25.0785 2840 ErrDev - ok
16:40:25.0941 2840 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:40:26.0003 2840 exfat - ok
16:40:26.0035 2840 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:40:26.0113 2840 fastfat - ok
16:40:26.0253 2840 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:40:26.0300 2840 fdc - ok
16:40:26.0425 2840 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:40:26.0440 2840 FileInfo - ok
16:40:26.0456 2840 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:40:26.0534 2840 Filetrace - ok
16:40:26.0659 2840 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:40:26.0674 2840 flpydisk - ok
16:40:26.0752 2840 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:40:26.0768 2840 FltMgr - ok
16:40:26.0846 2840 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:40:26.0846 2840 FsDepends - ok
16:40:26.0877 2840 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:40:26.0877 2840 Fs_Rec - ok
16:40:26.0955 2840 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:40:26.0971 2840 fvevol - ok
16:40:27.0111 2840 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:40:27.0111 2840 gagp30kx - ok
16:40:27.0220 2840 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:40:27.0283 2840 hcw85cir - ok
16:40:27.0423 2840 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:40:27.0439 2840 HdAudAddService - ok
16:40:27.0470 2840 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:40:27.0517 2840 HDAudBus - ok
16:40:27.0563 2840 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:40:27.0595 2840 HidBatt - ok
16:40:27.0626 2840 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:40:27.0688 2840 HidBth - ok
16:40:27.0735 2840 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:40:27.0782 2840 HidIr - ok
16:40:27.0907 2840 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:40:27.0969 2840 HidUsb - ok
16:40:28.0187 2840 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:40:28.0203 2840 HpSAMD - ok
16:40:28.0297 2840 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:40:28.0375 2840 HTTP - ok
16:40:28.0421 2840 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:40:28.0437 2840 hwpolicy - ok
16:40:28.0515 2840 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:40:28.0531 2840 i8042prt - ok
16:40:28.0593 2840 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:40:28.0624 2840 iaStorV - ok
16:40:28.0952 2840 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:40:29.0233 2840 igfx - ok
16:40:29.0389 2840 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:40:29.0404 2840 iirsp - ok
16:40:29.0498 2840 IntcAzAudAddService (d311e2dd59a34079d89c249b2a4d9fdb) C:\Windows\system32\drivers\RTKVHD64.sys
16:40:29.0607 2840 IntcAzAudAddService - ok
16:40:29.0732 2840 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:40:29.0732 2840 intelide - ok
16:40:29.0794 2840 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:40:29.0825 2840 intelppm - ok
16:40:29.0981 2840 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:40:30.0028 2840 IpFilterDriver - ok
16:40:30.0091 2840 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:40:30.0122 2840 IPMIDRV - ok
16:40:30.0184 2840 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:40:30.0278 2840 IPNAT - ok
16:40:30.0325 2840 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:40:30.0418 2840 IRENUM - ok
16:40:30.0512 2840 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:40:30.0527 2840 isapnp - ok
16:40:30.0590 2840 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:40:30.0605 2840 iScsiPrt - ok
16:40:30.0652 2840 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:40:30.0668 2840 kbdclass - ok
16:40:30.0761 2840 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:40:30.0793 2840 kbdhid - ok
16:40:30.0855 2840 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:40:30.0871 2840 KSecDD - ok
16:40:30.0902 2840 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:40:30.0917 2840 KSecPkg - ok
16:40:56.0502 2840 ============================================================
16:40:56.0502 2840 Scan finished
16:40:56.0502 2840 ============================================================
16:40:56.0517 2872 Detected object count: 0
16:40:56.0517 2872 Actual detected object count: 0
16:41:53.0083 4548 Deinitialize success

#5 Maniac

Posted 07 March 2012 - 05:33 PM

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#6 xknightx

Posted 07 March 2012 - 09:29 PM

It did not detect anything. Here is exactly what was in the log.


ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

#7 Maniac

Posted 08 March 2012 - 08:29 AM

How are things now?

#8 xknightx

Posted 08 March 2012 - 08:37 AM

It's gone! Thank you very much good sir.

#9 Maniac

Posted 08 March 2012 - 08:44 AM

Glad I could help! :)

Please uninstall ComboFix:
www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Next, uninstall ESET Online Scanner and manually delete DDS and TDSSKiller.

Some malware prevention tips here:
http://forums.malwar...=0


Safe surfing! :)

#10 xknightx

Posted 08 March 2012 - 08:51 AM

Could you please show or explain to me exactly where or what the infection was?

#11 Maniac

Posted 08 March 2012 - 09:49 AM

Most likely a rootkit. The problem is that neither TDSSKiller nor ComboFix detected or removed anything that would show exactly what the infection is. At startup, ComboFix restores some settings that most malware changes. I guess that is what had an effect.

#12 xknightx

Posted 08 March 2012 - 10:10 AM

I will donate a small amount to express my gratitude. I don't have very much money though so it will be a small amount.

#13 Maniac

Posted 08 March 2012 - 11:34 AM

Thanks a lot, really appreciate the gesture! :)

#14 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 08 March 2012 - 08:36 PM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support


I close my threads if there is 5 days without a response.