Google Redirect and Audio Advertisements playing


  • This topic is locked
19 replies to this topic

#1 gafrmrswife

gafrmrswife

  • Members
  • 15 posts

Posted 04 November 2011 - 10:38 PM

I had the PC Performance and Stability Analysis Report pop up and followed directions on another thread to remove it. I ran rkill, SAS, MBAM, TDSSKiller, and ESET online scan. Find my topic here: http://www.bleepingcomputer.com/forums/topic426019.html/page__gopid__2464127#entry2464127

I am still getting redirects in Google and random audio playing advertisements when no audio program is visibly running.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by AshleeWood at 23:08:10 on 2011-11-04
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3767.1602 [GMT -4:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {982ADE23-275B-0766-37C5-DE01A484098E}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: BitDefender Antispyware *Enabled/Updated* {234B3FC7-0161-08E8-0D75-E573DF034333}
FW: BitDefender Firewall *Enabled* {A0115F06-6D34-063E-1C9A-77345A574EF5}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\Explorer.EXE
C:\Users\AshleeWood\Desktop\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv79&r=27360610n925l0464z105a4562y25n
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv79&r=27360610n925l0464z105a4562y25n
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv79&r=27360610n925l0464z105a4562y25n
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv79&r=27360610n925l0464z105a4562y25n
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [jdcSJNAXRiGFdFP.exe] C:\ProgramData\jdcSJNAXRiGFdFP.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
TCP: DhcpNameServer = 192.168.254.254
TCP: Interfaces\{9EF1DB85-9CD3-470F-A5C6-396EF645ACF6} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53} : DhcpNameServer = 192.168.254.254
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\3416E65637E45647 : DhcpNameServer = 168.18.216.211 168.18.216.222
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\3456E6475727974556C6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\34F6E646F6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\743575F575962756C6563737 : DhcpNameServer = 168.18.216.211 168.18.216.222
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\7594E4F553349313 : DhcpNameServer = 192.168.254.254
TCP: Interfaces\{CF79823C-E338-4FCB-AD89-F2024E306D53}\D43634F627460284F6D656 : DhcpNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: BitDefender Toolbar: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun-x64: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun-x64: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun-x64: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\AshleeWood\AppData\Roaming\Mozilla\Firefox\Profiles\xgggtoqa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch+
FF - prefs.js: browser.startup.homepage - hxxp://cm.my.yahoo.com/|http://mail.google.com/mail/?zx=1458o0owoygdw&shva=1#inbox|http://acrossthebranch.blogspot.com/|http://acrossthebranch.smugmug.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Windows\system32\DRIVERS\BdfNdisf6.sys --> C:\Windows\system32\DRIVERS\BdfNdisf6.sys [?]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-1-4 89680]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-1-19 103944]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-12-17 844320]
R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-1 366152]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-10-29 255744]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-1 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-12-17 240160]
R3 BDFM;BDFM;C:\Windows\system32\DRIVERS\bdfm.sys --> C:\Windows\system32\DRIVERS\bdfm.sys [?]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-12-17 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 278224]
S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-11 30192]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-05 01:57:17 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-11-04 13:40:10 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1630B494-4451-459D-80B2-C01A9CFD0A8E}\offreg.dll
2011-11-04 13:40:05 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1630B494-4451-459D-80B2-C01A9CFD0A8E}\mpengine.dll
2011-11-03 12:53:53 -------- d-----w- C:\Program Files (x86)\ESET
2011-11-02 17:00:46 -------- d-----w- C:\Windows\System32\SPReview
2011-11-02 01:35:40 -------- d-----w- C:\Users\AshleeWood\AppData\Roaming\Malwarebytes
2011-11-02 01:35:29 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-02 01:35:24 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-02 01:35:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-02 01:28:17 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{327DAB2A-D98E-4567-8587-08A68E4E621D}
2011-11-01 22:33:25 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-11-01 20:48:13 -------- d-----w- C:\Users\AshleeWood\AppData\Roaming\SUPERAntiSpyware.com
2011-11-01 20:47:58 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-10-30 05:02:50 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{98577301-1F32-4C13-816D-0EF24713C366}
2011-10-30 05:02:10 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{A512748B-90AF-406D-B9D2-95FE5DE832A8}
2011-10-28 14:34:12 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2011-10-28 14:34:12 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2011-10-16 03:41:59 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{F9F1FA03-1C9C-41A4-97D7-809300CCA363}
2011-10-16 03:41:19 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{FD850CE9-B48D-44B6-939C-D93971FF9DB0}
2011-10-14 02:07:02 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{0CE596C1-C443-4A32-9855-0E51F2F449BC}
2011-10-14 02:06:22 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{9736E93D-8E3D-48DD-B7C4-A241C12E759A}
2011-10-14 01:27:51 19416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2011-10-14 01:27:50 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-10-14 01:27:50 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-10-14 01:27:50 125912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2011-10-14 01:27:49 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-10-14 01:27:48 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2011-10-14 01:27:48 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-10-14 01:27:48 478168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-10-14 01:27:48 269272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
2011-10-14 01:27:48 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-10-14 01:27:47 719832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
2011-10-11 18:35:57 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{ECAE4270-D9E4-44FB-9729-4EC9DC3499F1}
2011-10-11 18:35:15 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{5C81AD7D-E9DF-4C49-A2A4-D0A1995D202E}
2011-10-11 18:23:50 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-11 18:23:50 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-11 18:23:49 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-11 18:23:49 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-11 18:23:49 288256 ----a-w- C:\Windows\System32\MSNP.ax
2011-10-11 18:23:49 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax
2011-10-11 18:23:48 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax
2011-10-11 18:23:48 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax
2011-10-11 18:23:48 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2011-10-11 18:23:47 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2011-10-11 18:21:53 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-11 18:21:53 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-11 18:21:53 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-11 18:21:53 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-10 19:42:07 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{52DABE17-AE70-4BCA-8B31-E8A51EC5137E}
2011-10-10 19:41:26 -------- d-----w- C:\Users\AshleeWood\AppData\Local\{8B73A96F-0DFA-4EA8-BDA4-A38AC59EFAC3}
.
==================== Find3M ====================
.
2011-11-02 18:21:01 152064 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-11-02 18:21:00 175104 ----a-w- C:\Windows\System32\msclmd.dll
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-06 03:07:02 3134976 ----a-w- C:\Windows\System32\win32k.sys
2011-08-20 05:45:20 1197568 ----a-w- C:\Windows\System32\wininet.dll
2011-08-20 05:41:16 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-08-20 04:38:10 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-20 04:35:20 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-08-20 04:20:23 482816 ----a-w- C:\Windows\System32\html.iec
2011-08-20 03:26:38 386048 ----a-w- C:\Windows\SysWow64\html.iec
.
============= FINISH: 23:18:30.81 ===============


Edited by gafrmrswife, 04 November 2011 - 10:38 PM.



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,628 posts

Posted 09 November 2011 - 10:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/426397 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts

Posted 10 November 2011 - 03:09 PM

Hi,

please try to run TDSSKiller next:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 


#4 gafrmrswife

gafrmrswife
  • Topic Starter

  • Members
  • 15 posts

Posted 10 November 2011 - 09:46 PM

21:42:02.0086 0984 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
21:42:04.0098 0984 ============================================================
21:42:04.0098 0984 Current date / time: 2011/11/10 21:42:04.0098
21:42:04.0098 0984 SystemInfo:
21:42:04.0098 0984
21:42:04.0098 0984 OS Version: 6.1.7600 ServicePack: 0.0
21:42:04.0098 0984 Product type: Workstation
21:42:04.0098 0984 ComputerName: ASHLEEWOOD-PC
21:42:04.0098 0984 UserName: AshleeWood
21:42:04.0098 0984 Windows directory: C:\Windows
21:42:04.0098 0984 System windows directory: C:\Windows
21:42:04.0098 0984 Running under WOW64
21:42:04.0098 0984 Processor architecture: Intel x64
21:42:04.0098 0984 Number of processors: 4
21:42:04.0098 0984 Page size: 0x1000
21:42:04.0098 0984 Boot type: Normal boot
21:42:04.0098 0984 ============================================================
21:42:12.0912 0984 Initialize success
21:42:17.0967 4392 ============================================================
21:42:17.0967 4392 Scan started
21:42:17.0967 4392 Mode: Manual;
21:42:17.0967 4392 ============================================================
21:43:23.0378 4392 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:43:23.0393 4392 WIMMount - ok
21:43:23.0690 4392 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
21:43:23.0721 4392 winachsf - ok
21:43:23.0939 4392 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
21:43:23.0970 4392 WinUsb - ok
21:43:24.0158 4392 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:43:24.0158 4392 WmiAcpi - ok
21:43:24.0314 4392 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:43:24.0345 4392 ws2ifsl - ok
21:43:24.0438 4392 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
21:43:24.0532 4392 WudfPf - ok
21:43:24.0672 4392 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:43:24.0688 4392 WUDFRd - ok
21:43:24.0969 4392 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
21:43:25.0031 4392 XAudio - ok
21:43:25.0468 4392 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:43:25.0530 4392 \Device\Harddisk0\DR0 - ok
21:43:25.0530 4392 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
21:43:25.0546 4392 \Device\Harddisk1\DR1 - ok
21:43:25.0562 4392 Boot (0x1200) (26e78d6fa159ad74322e53e20740faab) \Device\Harddisk0\DR0\Partition0
21:43:25.0562 4392 \Device\Harddisk0\DR0\Partition0 - ok
21:43:25.0577 4392 Boot (0x1200) (22579ca2804f6ff0665c2930a3129f33) \Device\Harddisk0\DR0\Partition1
21:43:25.0593 4392 \Device\Harddisk0\DR0\Partition1 - ok
21:43:25.0593 4392 Boot (0x1200) (c8bee2558fc0a40ba4e2e494518a1606) \Device\Harddisk1\DR1\Partition0
21:43:25.0593 4392 \Device\Harddisk1\DR1\Partition0 - ok
21:43:25.0593 4392 ============================================================
21:43:25.0593 4392 Scan finished
21:43:25.0593 4392 ============================================================
21:43:25.0608 4208 Detected object count: 0
21:43:25.0608 4208 Actual detected object count: 0
21:43:37.0761 1412 Deinitialize success

#5 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:06:37 AM

Posted 12 November 2011 - 06:56 AM

Hi,

I think we need to do some checks from outside your OS:
Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • It will install a little bootable OS on your USB
  • After it has completed, do not choose to reboot the clean computer; simply close the installer
  • Download xPUDtestdisk.exe and save it to the USB device
  • Double click xPUDtestdisk.exe to extract the contents to your USB device
  • Remove the USB and insert it in the sick computer
  • Boot the sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Press Tool at the top
  • Choose Open Terminal
  • Type in: dd if=/dev/sda of=MBRbackup.zip bs=512 count=1 and hit Enter.

MBRbackup.zip should be created on your flash drive, please attach it to your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!
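The dd command in the post above copies the disk's first 512-byte sector, so MBRbackup.zip is a raw MBR image despite its extension. As an added example (not part of the original post or of any tool named in the thread), this Python code checks such a dump offline: boot signature, partition table, and an MD5 of the 0x1B8-byte boot-code area so two dumps can be compared; the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 0x1B8      # 440 bytes of boot code precede the disk signature
TABLE_OFFSET = 0x1BE       # four 16-byte partition entries start here
ENTRY_FMT = "<B3xB3xII"    # status, CHS start, type, CHS end, LBA start, count

def parse_mbr(data):
    """Validate a one-sector MBR dump and return its key fields."""
    if len(data) != SECTOR:
        raise ValueError("expected %d bytes, got %d" % (SECTOR, len(data)))
    partitions = []
    for slot in range(4):
        offset = TABLE_OFFSET + 16 * slot
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, data, offset)
        if ptype == 0:
            continue  # unused slot
        partitions.append({
            "slot": slot,
            "active": status == 0x80,
            "status_valid": status in (0x00, 0x80),  # anything else is suspect
            "type": ptype,
            "lba_start": lba,
            "sectors": count,
        })
    return {
        "signature_ok": data[510:512] == b"\x55\xaa",
        "boot_code_md5": hashlib.md5(data[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", data, BOOT_CODE_LEN)[0],
        "partitions": partitions,
    }

def build_sample_mbr():
    """Constructed sample sector; none of these values come from the thread."""
    mbr = bytearray(SECTOR)
    mbr[0:2] = b"\xeb\x3c"  # placeholder bytes standing in for boot code
    struct.pack_into("<I", mbr, BOOT_CODE_LEN, 0x12345678)
    struct.pack_into(ENTRY_FMT, mbr, TABLE_OFFSET, 0x80, 0x07, 2048, 204800)
    struct.pack_into(ENTRY_FMT, mbr, TABLE_OFFSET + 16, 0x00, 0x07, 206848, 1000000)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)

if __name__ == "__main__":
    # For a real dump: parse_mbr(open("MBRbackup.zip", "rb").read())
    info = parse_mbr(build_sample_mbr())
    print(info["signature_ok"], info["boot_code_md5"], hex(info["disk_signature"]))
    for part in info["partitions"]:
        print(part)
```

A boot-code hash that differs from a known-clean sector for the same Windows version, or a partition entry whose status byte is neither 0x00 nor 0x80, is what warrants a closer look.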

 



#6 gafrmrswife


Posted 13 November 2011 - 03:05 PM

I'm so sorry. Each time you've replied has been the morning of a day I was out of town for the day.

I can't get this to work. I followed the instructions to prepare the flash drive on my husband's computer. I did it twice. Then on mine, I couldn't get F12 to work, so I went to the boot menu in setup and put USB: Flash Memory as the first boot. I tried the flash drive in all four USB ports and get this error message each time.

cannot find kernel image: linux
boot:

What am I doing wrong? I'm so frustrated and am ready to wipe the thing clean and start over. I would really like to know what this virus/malware is though. I feel like I can't use my computer because I don't want to do anything that requires passwords.

#7 myrti


Posted 13 November 2011 - 04:22 PM

Hi,

Did you download the ISO separately and select it in the installer to create the flash drive?

regards myrti



#8 gafrmrswife


Posted 13 November 2011 - 05:02 PM

I had not done that. Now on boot it shows the language menu, then it says loading xpud and loading media. Ready. Then it goes to a black screen.

#9 myrti


Posted 13 November 2011 - 05:59 PM

Hi,

Is the screen entirely black or do you see a command prompt?

regards myrti



#10 gafrmrswife


Posted 13 November 2011 - 06:11 PM

Just black. No prompt.

#11 myrti


Posted 13 November 2011 - 06:22 PM

That's unfortunate. Did you get any error messages while creating the flash drive?

regards myrti



#12 gafrmrswife


Posted 13 November 2011 - 06:38 PM

No, I didn't. I can try it one more time.

#13 myrti


Posted 13 November 2011 - 07:34 PM

Yes, please do.


Do you have experience with other Linux OSes? Ubuntu, for example?

regards myrti



#14 gafrmrswife


Posted 15 November 2011 - 05:00 PM

I don't have any experience with anything else but Windows. I did the whole process over again and still get the black screen.

#15 myrti


Posted 16 November 2011 - 03:17 AM

Hi,

The black screen suggests that xPUD is incompatible with your hardware. I would suggest trying Ubuntu next, as it has a wider range of supported software. However, the download is somewhat bigger than 600Mb. Is this a problem?

If not please try this: http://www.pendrivelinux.com/put-kubuntu-10-04-on-a-flash-drive-using-windows/

If it is a problem let me know and we'll try something else.

regards myrti





