Virus that does not produce any results


  • This topic is locked
42 replies to this topic

#1 JennyPrevost

JennyPrevost

  • Members
  • 22 posts

Posted 24 October 2011 - 08:17 PM

I am in desperate need of help! I have some kind of virus on my computer that whenever I run a virus scan it produces no results/no viruses are detected. I can't use any internet browsers except Google Chrome. Whenever I boot up my computer Microsoft Windows pop-ups start opening saying certain things can't run and need to be closed. Also when I open my task manager there are multiple random processes running. I close the ones I know have nothing to do with anything I have on my computer (the ones I suspect to be the viruses) and after all of those are closed there are only about 5-7 processes running but it tells me there is anywhere from 54-61 processes running. There is also an explorer.exe running, if I close this one my entire background and task bar disappear forcing me to restart my computer. Also once I open Chrome in the task manager there will be anywhere from 6-8 chrome.exe files running when I only have one open. I hope someone can PLEASE PLEASE HELP ME! I would normally just chalk this up as a loss but there are files on my computer I really need off and can't because it won't read my external hard drive! HELP! And thanks in advance for any advice!

Jenny



#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,994 posts
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 25 October 2011 - 01:10 AM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,733 posts
  • Gender:Male

Posted 29 October 2011 - 08:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/424893 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 JennyPrevost


Posted 29 October 2011 - 09:33 PM

I ran the DDS but notepad will not run. Once the scan was over and DDS posted to notepad I got a message that said, "Internet Explorer not working...then Internet Explorer is restarting." The desktop then goes blank and when everything reappears, the notepad is gone. I ran the scan more than once and I can't even view the results of the scan. I am not even able to save DDS to my desktop. I also ran the GMER scan, after running for about 5-10 minutes my computer just decided to restart. I lost everything that was on the scan. After the second attempt to run the GMER scan, I got a message saying it couldn't run and closed itself after about 2 minutes. I tried one more time to run the scan, and my computer immediately shut down and restarted. I also disabled the DeFogger as prompted to do. I do not know much about my computer. It is a Dell Inspiron 1525 and runs on Windows Vista. I do believe I have my original CD, but it will take some finding. I hope this helps and someone can help me solve my issues! Thanks for everything!

Jenny

#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,962 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 30 October 2011 - 09:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.

#6 JennyPrevost


Posted 30 October 2011 - 11:19 AM

Thank you for your quick response! Here are the results from the scans. Also the MBR.dat on my desktop could not be moved to a compressed zipped file. I am not even able to open it. The only place it will let me "send to" is DVD RW Drive (C:). Is there another way to get you the information from that? Sorry I'm not too sure what to do. Again thank you for everything!

Jenny

Attached Files



#7 nasdaq


Posted 30 October 2011 - 01:33 PM

You did good.

Can you now submit a DDS log for my review?

#8 JennyPrevost


Posted 30 October 2011 - 08:54 PM

I can run a DDS but I am unable to view the results. Notepad will not run. Is there something else I could try?

Jenny

#9 nasdaq


Posted 31 October 2011 - 08:11 AM

Print out these instructions as we may need to close every window that is open later in the fix.

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the desktop of the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

Using the infected computer or the method above download these files.

RKill Download Link

FixNCR.reg

===

This infection changes settings on your computer so that when you launch an executable, a file ending with .exe, it will instead launch the infection rather than the desired program. To fix this we must first download a Registry file that will fix these changes.

Download FixNCR.reg

Once that file is downloaded and saved on a removable device, insert the removable device into the infected computer and open the folder for the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer. You should now be able to run your normal executable programs and can proceed to the next step.

If you do not have any removable media or another clean computer that you can download the FixNCR.reg file onto, you can try and download it to your infected computer using another method. On the infected computer, right click on the Internet Explorer's icon, or any other browser's icon, and select Run As or Run as Administrator. If you are using Windows XP, you will be prompted to select a user and enter its password. It is suggested that you attempt to login as the Administrator user. For Windows 7 or Windows Vista, you will be prompted to enter your Administrator account password.

Once you enter the password, your browser will start and you can download the above FixNCR.reg file. When saving it, make sure you save it to a folder that can be accessed by your normal account. Remember, that you will be launching the browser as another user, so if you save it to a My Documents folder, it will not be your normal My Documents folder that it is downloaded into. Instead it will be the My Documents folder that belongs to the user you ran the browser as. Once the download has finished, close your browser and find the FixNCR.reg file that you downloaded. Now double-click on it and allow the data to be merged. You should now be able to run your normal executable programs and can proceed to the next step.
===

Before we can do anything we must first end the processes that belong to Win 7 Internet Security 2011 so that it does not interfere with the cleaning procedure.

Double-click on the RKill.exe icon in order to automatically attempt to stop any processes associated with Win 7 Internet Security 2011 and other Rogue programs.
===

Do not restart the computer.

You should now be able to download Malwarebytes Anti-Malware and save it to your desktop.
  • alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Post back with the Malwarebytes Anti-Malware log once it's complete.

If at any time you need help to continue with these instructions please ask.
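The post above describes an infection that changes settings so that launching a `.exe` file starts the infection instead. As an added example (not part of the original thread, and not the contents of FixNCR.reg), this check parses a registry export and flags `.exe` handling that differs from the stock Windows values `exefile` and `"%1" %*`; the sample export text and the names `sampleprog` and `sample.exe` are constructed for illustration.

```python
import re

# Stock Windows values for launching executables.
EXPECTED_PROGID = "exefile"
EXPECTED_COMMAND = '"%1" %*'

# Class roots to inspect. Per-user entries under HKCU\Software\Classes
# take precedence over HKLM in the merged HKEY_CLASSES_ROOT view.
CLASS_ROOTS = (
    r"HKEY_CURRENT_USER\Software\Classes",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes",
    r"HKEY_CLASSES_ROOT",
)

# Matches string values only:  @="data"  or  "name"="data"
_VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')


def _unescape(s):
    """Undo .reg escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text):
    """Return {lowercased key path: {lowercased value name: data}}; '@' is the default value."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = _VALUE_RE.match(line)
            if m:
                name = "@" if m.group(1) == "@" else _unescape(m.group(1)[1:-1])
                current[name.lower()] = _unescape(m.group(2))
    return keys


def find_exe_hijacks(text):
    """Return (key, value, reason) tuples for non-default .exe handling."""
    keys = parse_reg_export(text)
    findings = []
    for root in CLASS_ROOTS:
        base = root.lower()
        progid = keys.get(base + r"\.exe", {}).get("@")
        progids = [EXPECTED_PROGID]
        if progid is not None and progid.lower() != EXPECTED_PROGID:
            findings.append((root + r"\.exe", progid,
                             "'.exe' mapped to a non-default ProgID"))
            progids.append(progid.lower())
        # Check the open command of exefile and of any substituted ProgID.
        for pid in progids:
            suffix = "\\" + pid + r"\shell\open\command"
            cmd = keys.get(base + suffix, {}).get("@")
            if cmd is not None and cmd.strip() != EXPECTED_COMMAND:
                findings.append((root + suffix, cmd,
                                 "open command is not the default"))
    return findings


# Constructed sample: a per-user override redirects .exe to another program.
SAMPLE_HIJACKED = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="sampleprog"

[HKEY_CURRENT_USER\Software\Classes\sampleprog\shell\open\command]
@="\"C:\\Users\\Example\\AppData\\Local\\sample.exe\" -a \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"
"""

# Constructed sample: stock values only.
SAMPLE_CLEAN = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"
"""

if __name__ == "__main__":
    for key, value, reason in find_exe_hijacks(SAMPLE_HIJACKED):
        print(f"{reason}: {key} -> {value}")
```

Exports written by `reg export` are UTF-16, so read a real export with `encoding="utf-16"` before passing its text to `find_exe_hijacks`.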

#10 JennyPrevost


Posted 31 October 2011 - 06:25 PM

Ugh...I still can't run executable files...:( I'm able to download the above links but can't do much with them. RKill can't show its logs, and neither can MBAM! FixNCR doesn't want to run, or so it seems. It asks me to allow it to run, then that it can change or delete values, asks if I want to continue, I say yes, then it says it was installed successfully. I am at a loss of what to do.

Jenny

#11 nasdaq


Posted 01 November 2011 - 08:26 AM

Try this. You have MBAM already so just rename it as suggested and see if you can run it and get a log.

  • Please download Malwarebytes' Anti-Malware from here
  • If you are unable to do this from the infected computer directly, transfer the file from another computer.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
  • Update Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Now make sure extensions are shown. To do this, please look here
  • Once Malwarebytes' Anti-Malware is installed, navigate to your Program Files\Malwarebytes' Anti-Malware folder and locate the mbam.exe in there.

    Rename it to explorer.exe
  • Now double-click iexplorer.exe to launch Malwarebytes' Anti-malware.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart, so please allow MBAM to restart.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

In case you're having problems with above instructions, let me know.

#12 JennyPrevost


Posted 05 November 2011 - 03:07 PM

Sorry my reply has taken so long. I tried the above steps, but was unable to produce any results! My .exe files were not hidden. I am able to run the scan, but it tells me there are no viruses detected. I still cannot open my logs. Notepad will not run. I the logs are stored in the Malwarebytes' program, but I can't open them from here either. Should I try to download something like avast or avg and run a scan from there? I'm just at a loss. What if I deleted notepad? Thanks again for all of your help, and sorry again for taking so long to reply.

Jenny

#13 nasdaq


Posted 06 November 2011 - 08:21 AM

Check if you can get to the System Restore function.

http://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/

If you can, select a restore point prior to the date of the current problem.

Tell me if you could select a restore point and how the computer is performing.

#14 JennyPrevost


Posted 06 November 2011 - 11:59 AM

Ok I did the system restore and not much, or anything at all, has changed. I was able to figure out a way to get the logs to pull up on word and wordpad so I am attaching those results now.

This is the TDSSKiller log from today:

10:17:04.0821 3376 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
10:17:05.0710 3376 ============================================================
10:17:05.0710 3376 Current date / time: 2011/11/06 10:17:05.0710
10:17:05.0710 3376 SystemInfo:
10:17:05.0710 3376
10:17:05.0710 3376 OS Version: 6.0.6002 ServicePack: 2.0
10:17:05.0710 3376 Product type: Workstation
10:17:05.0710 3376 ComputerName: JENNY-PC
10:17:05.0710 3376 UserName: Jenny
10:17:05.0710 3376 Windows directory: C:\Windows
10:17:05.0710 3376 System windows directory: C:\Windows
10:17:05.0710 3376 Processor architecture: Intel x86
10:17:05.0710 3376 Number of processors: 2
10:17:05.0710 3376 Page size: 0x1000
10:17:05.0710 3376 Boot type: Normal boot
10:17:05.0710 3376 ============================================================
10:17:06.0350 3376 Initialize success
10:17:10.0234 2200 ============================================================
10:17:10.0234 2200 Scan started
10:17:10.0234 2200 Mode: Manual;
10:17:10.0234 2200 ============================================================
10:17:11.0045 2200 138699B - ok
10:17:11.0092 2200 178735B - ok
10:17:11.0139 2200 178A801 - ok
10:17:11.0170 2200 261862F - ok
10:17:11.0186 2200 412637 - ok
10:17:11.0232 2200 9633F60 - ok
10:17:11.0279 2200 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:17:11.0279 2200 ACPI - ok
10:17:11.0498 2200 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:17:11.0513 2200 adp94xx - ok
10:17:11.0560 2200 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:17:11.0576 2200 adpahci - ok
10:17:11.0607 2200 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:17:11.0607 2200 adpu160m - ok
10:17:11.0669 2200 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:17:11.0669 2200 adpu320 - ok
10:17:11.0732 2200 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
10:17:11.0747 2200 AFD - ok
10:17:11.0778 2200 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:17:11.0778 2200 agp440 - ok
10:17:11.0810 2200 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:17:11.0810 2200 aic78xx - ok
10:17:11.0872 2200 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:17:11.0872 2200 aliide - ok
10:17:11.0888 2200 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:17:11.0888 2200 amdagp - ok
10:17:11.0934 2200 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:17:11.0934 2200 amdide - ok
10:17:11.0966 2200 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:17:11.0966 2200 AmdK7 - ok
10:17:11.0997 2200 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:17:12.0012 2200 AmdK8 - ok
10:17:12.0059 2200 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
10:17:12.0059 2200 ApfiltrService - ok
10:17:12.0106 2200 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:17:12.0122 2200 arc - ok
10:17:12.0153 2200 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:17:12.0153 2200 arcsas - ok
10:17:12.0215 2200 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:17:12.0215 2200 AsyncMac - ok
10:17:12.0262 2200 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:17:12.0262 2200 atapi - ok
10:17:12.0387 2200 AVGIDSDriver (1c8d965bbcaa9ee5defdb54743437086) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
10:17:12.0387 2200 AVGIDSDriver - ok
10:17:12.0449 2200 AVGIDSEH (c59c9bc3f0612bd207ccdc5d8cb9ce39) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
10:17:12.0449 2200 AVGIDSEH - ok
10:17:12.0465 2200 AVGIDSFilter (c5559de2ec66cede15a1664f6d183d8e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
10:17:12.0465 2200 AVGIDSFilter - ok
10:17:12.0496 2200 AVGIDSShim (ae5e9667fa40206796d1bd5bd0427a8a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
10:17:12.0496 2200 AVGIDSShim - ok
10:17:12.0558 2200 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys
10:17:12.0558 2200 Avgldx86 - ok
10:17:12.0590 2200 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys
10:17:12.0590 2200 Avgmfx86 - ok
10:17:12.0652 2200 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys
10:17:12.0668 2200 Avgrkx86 - ok
10:17:12.0699 2200 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys
10:17:12.0714 2200 Avgtdix - ok
10:17:12.0730 2200 BCM42RLY - ok
10:17:12.0824 2200 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
10:17:12.0855 2200 BCM43XX - ok
10:17:12.0902 2200 Beep - ok
10:17:12.0964 2200 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:17:12.0980 2200 blbdrive - ok
10:17:13.0026 2200 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
10:17:13.0026 2200 bowser - ok
10:17:13.0058 2200 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:17:13.0058 2200 BrFiltLo - ok
10:17:13.0104 2200 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:17:13.0104 2200 BrFiltUp - ok
10:17:13.0151 2200 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:17:13.0167 2200 Brserid - ok
10:17:13.0214 2200 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:17:13.0229 2200 BrSerWdm - ok
10:17:13.0245 2200 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:17:13.0245 2200 BrUsbMdm - ok
10:17:13.0307 2200 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:17:13.0307 2200 BrUsbSer - ok
10:17:13.0354 2200 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:17:13.0370 2200 BTHMODEM - ok
10:17:13.0416 2200 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:17:13.0432 2200 cdfs - ok
10:17:13.0494 2200 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:17:13.0494 2200 cdrom - ok
10:17:13.0557 2200 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:17:13.0572 2200 circlass - ok
10:17:13.0666 2200 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:17:13.0682 2200 CLFS - ok
10:17:13.0775 2200 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:17:13.0775 2200 CmBatt - ok
10:17:13.0806 2200 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:17:13.0806 2200 cmdide - ok
10:17:13.0822 2200 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:17:13.0838 2200 Compbatt - ok
10:17:13.0853 2200 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:17:13.0869 2200 crcdisk - ok
10:17:13.0900 2200 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:17:13.0916 2200 Crusoe - ok
10:17:14.0025 2200 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
10:17:14.0025 2200 DfsC - ok
10:17:14.0072 2200 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:17:14.0072 2200 disk - ok
10:17:14.0165 2200 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:17:14.0165 2200 Dot4 - ok
10:17:14.0196 2200 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:17:14.0212 2200 Dot4Print - ok
10:17:14.0228 2200 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:17:14.0243 2200 dot4usb - ok
10:17:14.0274 2200 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:17:14.0290 2200 drmkaud - ok
10:17:14.0352 2200 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
10:17:14.0368 2200 DXGKrnl - ok
10:17:24.0570 2200 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
10:17:24.0586 2200 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
10:17:24.0586 2200 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
10:17:24.0586 2200 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
10:17:25.0350 2200 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
10:17:25.0444 2200 \Device\Harddisk0\DR0 - ok
10:17:25.0460 2200 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition0
10:17:25.0460 2200 \Device\Harddisk0\DR0\Partition0 - ok
10:17:25.0460 2200 Boot (0x1200) (6eb823f88d298c188019456d43267234) \Device\Harddisk0\DR0\Partition1
10:17:25.0460 2200 \Device\Harddisk0\DR0\Partition1 - ok
10:17:25.0460 2200 ============================================================
10:17:25.0460 2200 Scan finished
10:17:25.0460 2200 ============================================================
10:17:25.0475 0660 Detected object count: 1
10:17:25.0475 0660 Actual detected object count: 1
10:17:54.0829 0660 Backup copy found, using it..
10:17:54.0861 0660 C:\Windows\system32\drivers\volsnap.sys - will be cured on reboot
10:17:54.0861 0660 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure
10:18:06.0077 2424 Deinitialize success


Here are the RKill log results from today:


This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 11/06/2011 at 10:29:08.
Operating System: Windows Vista ™ Home Premium


Processes terminated by Rkill or while it was running:

\\?\C:\Windows\system32\wbem\WMIADAP.EXE


Rkill completed on 11/06/2011 at 10:29:14.


Here are the Malwarebytes' results:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8097

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

11/6/2011 10:57:21 AM
mbam-log-2011-11-06 (10-57-21).txt

Scan type: Quick scan
Objects scanned: 169327
Time elapsed: 10 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I hope this will help! :)

Jenny

#15 nasdaq

Posted 06 November 2011 - 01:50 PM

Good work. The Rootkit infection is solved.

Now for your Notepad not working.
Search the computer for NotePad.exe
If you found the file, click the .exe file and see if it will open.

If it does it probably means that your .txt file association is damaged.

Go to this page.
http://www.winhelponline.com/articles/105/1/File-association-fixes-for-Windows-Vista.html

Click the .txt box. Download and run the .zip file extracted.
Extract the file and run the suggested program.

How is it now?

===


Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html



