January 16th, 2019, 05:20 PM
sportsfan7702
10:17:29.0943 0x1360 TDSS rootkit removing tool 3.1.0.26 Jan 16 2019 18:20:35
10:17:29.0943 0x1360 UEFI system
10:17:33.0154 0x1360 ============================================================
10:17:33.0154 0x1360 Current date / time: 2019/01/16 10:17:33.0154
10:17:33.0154 0x1360 SystemInfo:
10:17:33.0154 0x1360
10:17:33.0154 0x1360 OS Version: 10.0.17134 ServicePack: 0.0
10:17:33.0185 0x1360 Product type: Workstation
10:17:33.0185 0x1360 ComputerName: DESKTOP-3JLMS2K
10:17:33.0185 0x1360 UserName: MattS
10:17:33.0185 0x1360 Windows directory: C:\WINDOWS
10:17:33.0185 0x1360 System windows directory: C:\WINDOWS
10:17:33.0185 0x1360 Running under WOW64
10:17:33.0185 0x1360 Processor architecture: Intel x64
10:17:33.0185 0x1360 Number of processors: 4
10:17:33.0185 0x1360 Page size: 0x1000
10:17:33.0185 0x1360 Boot type: Normal boot
10:17:33.0185 0x1360 CodeIntegrityOptions = 0x0000C001
10:17:33.0185 0x1360 ============================================================
10:17:33.0455 0x1360 KLMD registered as C:\WINDOWS\system32\drivers\12228054.sys
10:17:33.0455 0x1360 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
10:17:33.0502 0x1360 System UUID: {B1DE3543-88AF-5FAD-4334-F25C24DB44B6}
10:17:33.0703 0x1360 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:17:33.0703 0x1360 ============================================================
10:17:33.0703 0x1360 \Device\Harddisk0\DR0:
10:17:33.0703 0x1360 GPT partitions:
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {67899F6A-63A2-467D-9814-D6B89580224B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AC955B8F-D529-45D2-ACA4-57C6610BEA79}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5ABD902E-BE9B-4E80-A853-0697A2089DA7}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {61F99D7F-8A72-4686-9320-CA2F0365C00A}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x53EE0B30
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {34479B69-3F08-4EEC-A65E-94AFAA7F4487}, Name: , StartLBA 0x540E8800, BlocksNum 0x1EC000
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {96761440-6B60-46FA-8D5E-9EBC07D780E3}, Name: , StartLBA 0x542D4800, BlocksNum 0x1B0800
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DB0FD788-F90D-4D26-BD8A-23CC33437550}, Name: , StartLBA 0x54485000, BlocksNum 0x1AD000
10:17:33.0703 0x1360 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EBFA6802-5E90-40B6-A3BC-FB3EBA231109}, Name: Basic data partition, StartLBA 0x54632000, BlocksNum 0x2F11800
10:17:33.0703 0x1360 MBR partitions:
10:17:33.0703 0x1360 ============================================================
10:17:33.0718 0x1360 C: <-> \Device\Harddisk0\DR0\Partition4
10:17:33.0756 0x1360 D: <-> \Device\Harddisk0\DR0\Partition8
10:17:33.0756 0x1360 ============================================================
10:17:33.0756 0x1360 Initialize success
10:17:33.0756 0x1360 ============================================================
10:18:02.0805 0x1c54 ============================================================
10:18:02.0805 0x1c54 Scan started
10:18:02.0805 0x1c54 Mode: Manual;
10:18:02.0805 0x1c54 ============================================================
10:18:02.0805 0x1c54 KSN ping started
10:18:02.0890 0x1c54 KSN ping finished: true
10:18:04.0194 0x1c54 ================ Scan BIOS =================================
10:18:04.0194 0x1c54 BIOS info: vendor = Insyde, version = F.34, releaseDate = 12/19/2014
10:18:04.0194 0x1c54 Base board info: manufacturer = Hewlett-Packard, product = 227F, version = 77.35
10:18:05.0112 0x1c54 [ 76091A759A7EC88E2A4B637D0963159B, 477258D5B825A0EBC0A3FA3B9208FDE8DA69DBA36273D6DA4769EBEA7163E459 ] BIOS
10:18:05.0955 0x1c54 BIOS - ok
10:18:05.0955 0x1c54 ================ Scan system memory ========================
10:18:05.0955 0x1c54 System memory - ok
10:18:05.0955 0x1c54 ================ Scan services =============================
10:18:06.0118 0x1c54 [ 4B45A2D37CCE3CC0F161B7C7286081A6, DF4EBAA12E083AE45411AABD3EDE916E2CC6963FBA664861AC9B2351B5E042DC ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
10:18:06.0134 0x1c54 1394ohci - ok
10:18:06.0156 0x1c54 [ F5E5BA493B7C497F1F769942E2EA4CE2, 4AD54DA24142BCE49FB64CFF2CB28764FAA93827E7DB02925090B68F8C73B1FB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
10:18:06.0156 0x1c54 3ware - ok
10:18:06.0172 0x1c54 [ CF36B2E893DFAAFAB2254A0F2B3A80B1, A659FECA1636206295BBD64CB9CF6678C4B97E717AFD89ADD7AB693E2A6EBF66 ] Accelerometer C:\WINDOWS\System32\drivers\Accelerometer.sys
10:18:06.0172 0x1c54 Accelerometer - ok
10:18:06.0203 0x1c54 [ CA51BB1B81F97E896E116C839B92D9D8, 09F73D8FB93EA524D3C9A9C264F62340560DC7042589597A318626A0A198F91F ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
10:18:06.0203 0x1c54 ACPI - ok
10:18:06.0218 0x1c54 [ 75795E4B19BB3ED8D3C25A17CD15DC30, 22A13064E0B472A0A2258D61A889B73EE3F537DA7796CCE39DF973AFA8FA1567 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
10:18:06.0218 0x1c54 AcpiDev - ok
10:18:06.0241 0x1c54 [ DDA0FC1400A24988A7D3E746AEDF2C0F, 3A703A204FDE46C67017C274CA1F50F591D909EE182A82697E89442D4A5569CE ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
10:18:06.0241 0x1c54 acpiex - ok
10:18:06.0256 0x1c54 [ 1F2EC25DA23D1DF3ADA12FE5A26D321C, B165D72949E43F04312C95BF0FF5C25CFE5CA0CDF43415E01AB2B1550D06C737 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
10:18:06.0256 0x1c54 acpipagr - ok
10:18:06.0288 0x1c54 [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
10:18:06.0288 0x1c54 AcpiPmi - ok
10:18:06.0319 0x1c54 [ 0FC8673FAFC7D78C1CDC000F892CAC64, 33FB109ABD18FBF4DA5047BAA9FAF63E88D5BA1826442DB02F9130DAD11D15F2 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
10:18:06.0319 0x1c54 acpitime - ok
10:18:06.0403 0x1c54 [ B7770C77C7D25D08BCF32CDCDD7403DC, 6698775E8337B41D9EB35E98E3BD036BB80C0E0B14C3F021574C66C4FBD3171B ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:18:06.0403 0x1c54 AdobeFlashPlayerUpdateSvc - ok
10:18:06.0441 0x1c54 [ A3D4CF2F3A433BE18CD4AD3E6665DC63, 9D62A7E2DDA15B2E75490CCB9C8E10A41030F496A93631EDED5F1003DF368290 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:18:06.0457 0x1c54 ADP80XX - ok
10:18:06.0504 0x1c54 [ 4DCCC3E02A22ED4A4ADB11386F226071, 40BB183049DE3ADCC7A5B1B269620C8534291BB7A956157434C857DE249559EE ] AFD C:\WINDOWS\system32\drivers\afd.sys
10:18:06.0504 0x1c54 AFD - ok
10:18:06.0535 0x1c54 [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
10:18:06.0535 0x1c54 afunix - ok
10:18:06.0557 0x1c54 [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:18:06.0557 0x1c54 ahcache - ok
10:18:06.0588 0x1c54 [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll