need help removing win32/olmarik.axs [Closed]



#31
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you first run a chkdsk on that drive

From explorer right click the drive and select Properties
Select the Tools tab
Select Check Now
Tick both boxes in the next dialogue
Click start



Could you also take a screenshot of your disc management to ensure that drive is not the master

Do the following:
  1. Click on the Start button and then choose Control Panel.
  2. Click on the System and Security link.

    Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
  3. In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
  4. In the Administrative Tools window, double-click on the Computer Management icon.
  5. When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

    After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

    Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
Take a screenshot of the Disk Management window and attach the screenshot to your reply.
  • 0


#32
MrJc

    Member

  • Topic Starter
  • 37 posts
I completely forgot that disk D and E are on the same hard drive, so no, I can't format it, but I could format the partition. The one thing though is after running multiple virus scans it shows nothing on D and E, only on physical disk 2, which is the one with my OS.

Posted Image
  • 0

#33
MrJc

    Member

  • Topic Starter
  • 37 posts
Also, I wanted to state thanks for your help so far and your continued help.
  • 0

#34
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That is rather confusing, as the active OS is, according to disc management, on drive 2, which is the infected one.

This drive is set to dual boot Windows 7 and XP, is that correct?

The option here is to replace the dual boot MBR with a single Windows 7 boot. This means you will no longer be able to boot the XP partition.

One way of doing that from within Windows 7 is to follow the directions here

Once that is done we can replace the Windows 7 MBR with a fresh copy.
  • 0

#35
MrJc

    Member

  • Topic Starter
  • 37 posts
Sweet, I'll get to work on that right now. I'm perfectly fine not being able to dual boot.
  • 0

#36
MrJc

    Member

  • Topic Starter
  • 37 posts
Okay, I got it removed. It took 2 tries though, for some reason, before it finally didn't show up again in bcdedit.
  • 0

#37
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, next trick - a quick scan with ESET to see if we need to replace the MBR
  • 0

#38
MrJc

    Member

  • Topic Starter
  • 37 posts
So far from the scan it's the exact same as all the other times I've scanned it.
  • 0

#39
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, do you have the Windows CD?

If not we can create a recovery console disc

Create a Windows 7 System Repair Disc

Note: the below can only be done if your machine has a type of CD/R or DVD/R optical drive installed. Also, depending on the exact type of OEM your machine has, you may be unable to actually create a SRD.

  • Click on Start (Windows 7 Orb) >> Run... (or the Windows key and R together) to bring up the Run box, then copy/paste the following command into the box and click on OK:

    recdisc.exe

  • Allow the UAC (User Account Control) prompt via selecting Yes.
  • You should now see a menu like the below:-
Posted Image

  • Put a blank rewritable CD/DVD in your optical(CD/DVD) drive and then click on Create disc.
  • Note: If an AutoPlay window pops up, just close it.
  • When the SRD has been created you will see the below:-
Posted Image

  • Now click on Close >> OK. Leave the disc in the drive as we will be using it shortly.
  • You now have a Windows 7 System Repair Disc.




When you reboot you will see this, although yours will say Windows 7. Click Repair my computer
Posted Image

Select your operating system
Posted Image

Select Command prompt
Posted Image

At the command prompt type the following

  • Bootrec.exe /FixMbr
  • Once finished type Exit


Reboot to normal Windows and run TDSSKiller again please
  • 0
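
Added example, not part of the original posts: Bootrec.exe /FixMbr rewrites the boot code in sector 0 and leaves the partition table in place, so comparing a sector-0 dump taken before and after shows whether only the boot code changed and which partition is flagged active. The sketch assumes 512-byte dumps obtained separately; `parse_mbr`, `changed_regions` and `build_sample` are names chosen here, and the sample sectors are constructed, not real Windows boot code.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE = slice(0, 440)         # loader code, the area a boot-code rewrite targets
DISK_SIGNATURE = slice(440, 444)  # Windows disk signature
TABLE_OFFSET = 446                # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"      # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR dump into boot-code hash, disk signature and table."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR dump must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        start = TABLE_OFFSET + 16 * index
        entry = sector[start:start + 16]
        status, part_type = entry[0], entry[4]
        first_lba, sector_count = struct.unpack_from("<II", entry, 8)
        if part_type == 0x00:          # unused slot
            continue
        partitions.append({
            "slot": index,
            "active": status == 0x80,               # 0x80 marks the boot partition
            "status_valid": status in (0x00, 0x80),  # anything else is malformed
            "type": part_type,
            "first_lba": first_lba,
            "sectors": sector_count,
        })
    return {
        "boot_code": hashlib.sha256(sector[BOOT_CODE]).hexdigest(),
        "disk_signature": sector[DISK_SIGNATURE].hex(),
        "partitions": partitions,
    }


def changed_regions(before: bytes, after: bytes) -> list:
    """Name the MBR regions that differ between two dumps of the same disk."""
    old, new = parse_mbr(before), parse_mbr(after)
    return [region for region in ("boot_code", "disk_signature", "partitions")
            if old[region] != new[region]]


def build_sample(boot_fill: int) -> bytes:
    """Constructed sector for the demo: filler boot code, two NTFS entries."""
    sector = bytearray(SECTOR_SIZE)
    sector[BOOT_CODE] = bytes([boot_fill]) * 440
    sector[DISK_SIGNATURE] = bytes.fromhex("78563412")
    # Entry layout: status, CHS start (3), type, CHS end (3), first LBA, sectors
    sector[446:462] = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3,
                                  2048, 204800)
    sector[462:478] = struct.pack("<B3sB3sII", 0x00, b"\0" * 3, 0x07, b"\0" * 3,
                                  206848, 1000000)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    before = build_sample(0xCC)   # stands in for the dump taken before the repair
    after = build_sample(0x90)    # stands in for the dump taken after it
    for part in parse_mbr(after)["partitions"]:
        print(part)
    print("regions changed:", changed_regions(before, after))
```

If anything other than `boot_code` shows up in the changed list, the partition layout or disk signature was altered as well and should be looked at before the next reboot.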

#40
MrJc

    Member

  • Topic Starter
  • 37 posts
2 problems: I currently do not have a DVD/CD installed on my comp, for my old one stopped working, and I don't have the original CDs for Windows. In fact, in a few days I was planning on buying a USB and making it a Windows boot.
  • 0


#41
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We may be able to use TDSSKiller now

Could you re-run it and see if it will remove it
  • 0
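
Added example, not part of the original posts: a TDSSKiller log runs to hundreds of lines, nearly all of them `- ok`, so a short parser helps pull out the entries that need a second look. It assumes the line layout seen in the log posted in this thread (timestamp, thread id, then the message); `triage` is a name chosen here, and the sample lines, driver names and hashes are constructed.

```python
import re

# "HH:MM:SS.ffff <thread id> <message>"
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")
# "<service> (<md5>) <path>" : the file the tool is about to check
OBJECT = re.compile(r"^(.+?) \(([0-9a-fA-F]{32})\) (.+)$")
# "<service> - ok"
OK = re.compile(r"^(.+?) - ok$")
# "<service> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(.+?) - detected (\S+) \(\d+\)$")

# Constructed sample in the same layout; not taken from a real scan.
SAMPLE_LOG = r"""16:54:36.0585 4896 Scan started
16:54:40.0619 4896 gooddrv (00000000000000000000000000000001) C:\Windows\system32\drivers\gooddrv.sys
16:54:40.0700 4896 gooddrv - ok
16:54:42.0692 4896 nofiledrv - ok
16:55:22.0441 4896 lockeddrv (00000000000000000000000000000002) C:\Windows\system32\Drivers\lockeddrv.sys
16:55:22.0441 4896 Suspicious file (NoAccess): C:\Windows\system32\Drivers\lockeddrv.sys. md5: 00000000000000000000000000000002
16:55:22.0469 4896 lockeddrv ( LockedFile.Multi.Generic ) - warning
16:55:22.0469 4896 lockeddrv - detected LockedFile.Multi.Generic (1)
"""


def triage(log_text: str) -> dict:
    """Return detections and 'ok' entries that had no file/hash line."""
    seen = {}            # service name -> (md5, path) from its object line
    detections = []
    ok_without_file = []
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue     # blank or header line without a message
        when, message = line.group(1), line.group(3)
        obj = OBJECT.match(message)
        if obj:
            seen[obj.group(1)] = (obj.group(2).lower(), obj.group(3))
            continue
        hit = DETECTED.match(message)
        if hit:
            md5, path = seen.get(hit.group(1), (None, None))
            detections.append({
                "time": when,
                "service": hit.group(1),
                "verdict": hit.group(2),
                "md5": md5,
                "path": path,
            })
            continue
        ok = OK.match(message)
        if ok and ok.group(1) not in seen:
            # Reported ok, but the log shows no file or hash for it.
            ok_without_file.append(ok.group(1))
    return {"detections": detections, "ok_without_file": ok_without_file}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for item in result["detections"]:
        print(item["time"], item["service"], item["verdict"], item["path"])
    print("ok without a file line:", result["ok_without_file"])
```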

#42
MrJc

MrJc

    Member

  • Topic Starter
  • 37 posts
no option to cure

16:53:55.0681 1808 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
16:53:57.0682 1808 ============================================================
16:53:57.0682 1808 Current date / time: 2011/12/11 16:53:57.0682
16:53:57.0682 1808 SystemInfo:
16:53:57.0682 1808
16:53:57.0682 1808 OS Version: 6.1.7601 ServicePack: 1.0
16:53:57.0682 1808 Product type: Workstation
16:53:57.0682 1808 ComputerName: JC-PC
16:53:57.0682 1808 UserName: jc
16:53:57.0682 1808 Windows directory: C:\Windows
16:53:57.0682 1808 System windows directory: C:\Windows
16:53:57.0682 1808 Running under WOW64
16:53:57.0682 1808 Processor architecture: Intel x64
16:53:57.0683 1808 Number of processors: 3
16:53:57.0683 1808 Page size: 0x1000
16:53:57.0683 1808 Boot type: Normal boot
16:53:57.0683 1808 ============================================================
16:54:07.0127 1808 Initialize success
16:54:36.0585 4896 ============================================================
16:54:36.0585 4896 Scan started
16:54:36.0585 4896 Mode: Manual; SigCheck; TDLFS;
16:54:36.0585 4896 ============================================================
16:55:22.0441 4896 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
16:55:22.0441 4896 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
16:55:22.0469 4896 sptd ( LockedFile.Multi.Generic ) - warning
16:55:22.0469 4896 sptd - detected LockedFile.Multi.Generic (1)
16:55:32.0118 4896 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:55:32.0222 4896 \Device\Harddisk0\DR0 - ok
16:55:32.0234 4896 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
16:55:32.0325 4896 \Device\Harddisk1\DR1 - ok
16:55:32.0353 4896 MBR (0x1B8) (0cc5f3a208a7a4c2ec4e3166af187de4) \Device\Harddisk2\DR2
16:55:32.0488 4896 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - warning
16:55:32.0488 4896 \Device\Harddisk2\DR2 - detected Rootkit.Win32.BackBoot.gen (1)
16:55:32.0698 4896 \Device\Harddisk2\DR2 ( TDSS File System ) - warning
16:55:32.0698 4896 \Device\Harddisk2\DR2 - detected TDSS File System (1)
16:55:32.0710 4896 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
16:55:32.0981 4896 \Device\Harddisk3\DR3 - ok
16:55:32.0985 4896 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
16:55:33.0228 4896 \Device\Harddisk4\DR4 - ok
16:55:33.0239 4896 Boot (0x1200) (a96060f91eb29c7dbd2a534dbf1b8c44) \Device\Harddisk0\DR0\Partition0
16:55:33.0240 4896 \Device\Harddisk0\DR0\Partition0 - ok
16:55:33.0242 4896 Boot (0x1200) (68bbc478a5a2fbd98607ce31f0236df1) \Device\Harddisk1\DR1\Partition0
16:55:33.0243 4896 \Device\Harddisk1\DR1\Partition0 - ok
16:55:33.0245 4896 Boot (0x1200) (458bd5e80b062e40ddd2387ca6da3089) \Device\Harddisk1\DR1\Partition1
16:55:33.0246 4896 \Device\Harddisk1\DR1\Partition1 - ok
16:55:33.0270 4896 Boot (0x1200) (5bda2e858090b2fae11d4413ab988dc4) \Device\Harddisk2\DR2\Partition0
16:55:33.0271 4896 \Device\Harddisk2\DR2\Partition0 - ok
16:55:33.0274 4896 Boot (0x1200) (5f7c331d3d55194afbdb1907fdf16ec9) \Device\Harddisk3\DR3\Partition0
16:55:33.0276 4896 \Device\Harddisk3\DR3\Partition0 - ok
16:55:33.0279 4896 Boot (0x1200) (1d69c3080f9beeece14c5630ffb8e48a) \Device\Harddisk4\DR4\Partition0
16:55:33.0281 4896 \Device\Harddisk4\DR4\Partition0 - ok
16:55:33.0281 4896 ============================================================
16:55:33.0281 4896 Scan finished
16:55:33.0281 4896 ============================================================
16:55:33.0289 3952 Detected object count: 3
16:55:33.0289 3952 Actual detected object count: 3
16:55:53.0297 3952 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:55:53.0297 3952 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:55:53.0298 3952 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
16:55:53.0298 3952 \Device\Harddisk2\DR2 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
16:55:53.0300 3952 \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
16:55:53.0300 3952 \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip
16:55:56.0384 2772 Deinitialize success

#43
MrJc

    Member

  • Topic Starter
  • 37 posts
It does give the option to delete.

#44
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Before we do the delete, could you restart the computer to the safe mode menu and see if there is a Repair my computer option there?

If there is, then allow TDSSKiller to delete.
On restart you may need to go to Repair my computer and select Startup Repair.

#45
MrJc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Okay, in safe mode there is a Repair my computer option. Before I do anything I want to make sure of what you're asking, ha. So you want me to delete using TDSSKiller and then, in startup, to repair my computer if prompted?

Also, for what I'm deleting with TDSSKiller, you want me to delete all 3 files?