Infected with google redirect


  • This topic is locked
13 replies to this topic

#1 mitchell26

mitchell26

  • Members
  • 5 posts
  • Local time:01:45 AM

Posted 08 November 2011 - 10:44 AM

Hi,
It started as a Google redirect thing, but now I get an "unable to connect" error for anything Google (search, maps...) and also Bing. I shut down my machine last night, and today everything runs crazy slow. 40fps programs are running at 2-3fps. There's a choppy lag when dragging windows on my desktop. It's bad :( Please help

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Run by chris kelton at 1:28:38 on 2011-11-08
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.147 [GMT -8:00]
.
AV: McAfee VirusScan *Enabled/Outdated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: Personal Firewall Plus *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Maya6.5\docs\wrapper.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Maya6.5\docs\jre\bin\java.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\Explorer.EXE
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
BHO: AutorunsDisabled - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: : {4d25f921-b9fe-4682-bf72-8ab8210d6d75} - c:\program files\mywaysa\srchasde\1.bin\deSrcAs.dll
BHO: : {56bf541c-b47a-4466-9042-ed9f112d5579} - c:\windows\system32\fkacfka.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee VirusScan: {ba52b914-b692-46c4-b683-905236f6f655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: {F5735C15-1FB2-41FE-BA12-242757E69DDE} - No File
TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\program files\netzero\Toolbar.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [VSOCheckTask] "c:\progra~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
mRun: [MCAgentExe] c:\progra~1\mcafee.com\agent\mcagent.exe
mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\McUpdate.exe
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [VirusScan Online] c:\progra~1\mcafee.com\vso\mcvsshld.exe
mRun: [MPFExe] c:\progra~1\mcafee.com\person~1\MpfTray.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [poolsv] "c:\windows\poolsv.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
StartupFolder: c:\docume~1\chrisk~1\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\docume~1\chrisk~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\documents and settings\chris kelton\start menu\programs\startup\PowerReg SchedulerV2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~2.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\at&tse~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tabuse~1.lnk - c:\windows\system32\wtablet\TabUserW.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Display All Images with Full Quality - "c:\program files\netzero\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "c:\program files\netzero\qsacc\appres.dll/227"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Cate%20West%20-%20The%20Vanishing%20Files/Images/stg_drm.ocx
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Cate%20West%20-%20The%20Vanishing%20Files/Images/armhelper.ocx
TCP: Interfaces\{52B54A82-BC38-4B7C-99FD-1B337C2621A2} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{99BD8913-9D94-40B3-9F68-122D4B3896C3} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{9FC09AF9-A213-49AB-838D-380AA43B8529} : DhcpNameServer = 192.168.1.2 192.168.1.4
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp3.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
Hosts: 184.107.64.188 www.google.com
Hosts: 184.107.64.189 search.yahoo.com
Hosts: 184.107.64.189 www.bing.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\chris kelton\application data\mozilla\firefox\profiles\n17zsaa7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/watch?v=lArQZp30Vsw
FF - plugin: c:\documents and settings\chris kelton\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MPFIREWL;MPFIREWL;c:\windows\system32\drivers\MpFirewall.sys [2005-1-5 83325]
R1 RCFOX;SonicWALL IPsec Driver;c:\windows\system32\drivers\RCFOX.SYS [2008-10-12 86552]
R2 maya65docserver;Maya 6.5 Documentation Server;c:\maya6.5\docs\wrapper.exe -s c:\maya6.5\docs\wrapper.conf --> c:\maya6.5\docs\wrapper.exe -s c:\maya6.5\docs\Wrapper.conf [?]
R2 McDetect.exe;McAfee WSC Integration;c:\program files\mcafee.com\agent\Mcdetect.exe [2006-7-29 126976]
R2 MCVSRte;McAfee.com VirusScan Online Realtime Engine;c:\progra~1\mcafee.com\vso\mcvsrte.exe [2005-1-5 122880]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-11-8 2253120]
R3 McShield;McAfee.com McShield;c:\progra~1\mcafee.com\vso\mcshield.exe [2005-1-5 225375]
R3 NaiFiltr;NaiFiltr;c:\windows\system32\drivers\NaiFiltr.sys [2005-1-5 23296]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-8 41272]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe [2005-1-5 245760]
S3 misalign;Data Misalignment Exception Kernel Driver;c:\windows\system32\drivers\misalign.sys [2008-10-20 8832]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\drivers\rcvpn.sys [2008-10-12 24876]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-5-14 11520]
S4 McTskshd.exe;McAfee Task Scheduler;c:\progra~1\mcafee.com\agent\mctskshd.exe [2006-7-29 122368]
.
=============== Created Last 30 ================
.
2011-11-08 09:05:30 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-08 08:20:54 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-11-08 08:20:47 286052 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-11-08 08:20:47 286052 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-11-08 08:20:47 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-11-08 08:19:53 65536 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-08 08:19:51 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-11-08 08:19:51 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-11-08 08:19:49 17240064 ----a-w- c:\windows\system32\nvcompiler.dll
2011-11-08 06:29:54 -------- d-----w- c:\documents and settings\chris kelton\local settings\application data\Western_Digital
2011-10-21 03:11:48 -------- d-----w- c:\documents and settings\chris kelton\local settings\application data\Chromium
2011-10-21 03:06:28 -------- d-----w- c:\documents and settings\chris kelton\application data\Might & Magic Heroes VI
2011-10-21 03:00:31 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-10-21 03:00:31 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-10-21 03:00:31 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-10-21 03:00:30 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-10-21 03:00:30 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-10-21 03:00:30 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-10-21 03:00:30 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-10-21 03:00:28 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
.
==================== Find3M ====================
.
2011-10-08 04:50:00 5595136 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-08 04:50:00 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-10-08 04:50:00 4226688 ----a-w- c:\windows\system32\nv4_disp.dll
2011-10-08 04:50:00 298304 ----a-w- c:\windows\system32\nvsvc32.exe
2011-10-08 04:50:00 2449408 ----a-w- c:\windows\system32\nvapi.dll
2011-10-08 04:50:00 2398016 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-08 04:50:00 220992 ----a-w- c:\windows\system32\nvcolor.exe
2011-10-08 04:50:00 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-08 04:50:00 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-08 04:50:00 17956864 ----a-w- c:\windows\system32\nvoglnt.dll
2011-10-08 04:50:00 16744256 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-08 04:50:00 12791488 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-09-01 01:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-20 00:17:37 6284664 ----a-w- C:\Silverlight.exe
2011-07-05 07:46:46 5154304 ----a-w- c:\program files\WindowsDefender.msi
2009-10-24 23:14:05 1364995 ----a-w- c:\program files\CamStudio20.exe
.
============= FINISH: 1:30:09.42 ===============



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:45 AM

Posted 10 November 2011 - 01:39 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic button, select Immediate Notification, and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 mitchell26

mitchell26
  • Topic Starter

  • Members
  • 5 posts
  • Local time:01:45 AM

Posted 11 November 2011 - 10:40 AM

Hi Gringo,
Thank you. OK, so when I run ComboFix.exe, first a window opens displaying a list of "Extracting" files, then that window closes and a blue window with a flashing cursor opens... and that's it, it hangs there. After giving the blue window an hour, I closed it and tried to run ComboFix again. I got the extracting list, and that was it, not even a blue window this time.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:45 AM

Posted 11 November 2011 - 10:45 AM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#5 mitchell26

mitchell26
  • Topic Starter

  • Members
  • 5 posts
  • Local time:01:45 AM

Posted 11 November 2011 - 11:14 AM

Hmmm, "No Threats Found". Here's the log:

09:32:57.0781 2924 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
09:32:59.0781 2924 ============================================================
09:32:59.0781 2924 Current date / time: 2011/11/11 09:32:59.0781
09:32:59.0781 2924 SystemInfo:
09:32:59.0781 2924
09:32:59.0781 2924 OS Version: 5.1.2600 ServicePack: 3.0
09:32:59.0781 2924 Product type: Workstation
09:32:59.0781 2924 ComputerName: ALYOSHA
09:32:59.0781 2924 UserName: Chris Kelson
09:32:59.0781 2924 Windows directory: C:\WINDOWS
09:32:59.0781 2924 System windows directory: C:\WINDOWS
09:32:59.0781 2924 Processor architecture: Intel x86
09:32:59.0781 2924 Number of processors: 2
09:32:59.0781 2924 Page size: 0x1000
09:32:59.0781 2924 Boot type: Normal boot
09:32:59.0781 2924 ============================================================
09:33:00.0046 2924 Initialize success
09:33:21.0921 2748 ============================================================
09:33:21.0921 2748 Scan started
09:33:21.0921 2748 Mode: Manual;
09:33:21.0921 2748 ============================================================
09:33:24.0453 2748 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:33:24.0468 2748 IpNat - ok
09:33:24.0484 2748 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:33:24.0484 2748 IPSec - ok
09:33:24.0515 2748 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:33:24.0515 2748 IRENUM - ok
09:33:24.0531 2748 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:33:24.0546 2748 isapnp - ok
09:33:24.0562 2748 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:33:24.0562 2748 Kbdclass - ok
09:33:24.0593 2748 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:33:24.0609 2748 kbdhid - ok
09:33:24.0625 2748 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:33:24.0625 2748 kmixer - ok
09:33:24.0656 2748 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
09:33:24.0656 2748 KSecDD - ok
09:33:24.0671 2748 lbrtfdc - ok
09:33:24.0718 2748 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
09:33:24.0718 2748 lirsgt - ok
09:33:24.0765 2748 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
09:33:24.0765 2748 mcdbus - ok
09:33:24.0796 2748 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:33:24.0796 2748 mdmxsdk - ok
09:33:24.0843 2748 misalign (e62de4c2ee44699672f327d370f371b4) C:\WINDOWS\system32\drivers\misalign.sys
09:33:24.0843 2748 misalign - ok
09:33:24.0875 2748 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:33:24.0875 2748 mnmdd - ok
09:33:24.0906 2748 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:33:24.0906 2748 Modem - ok
09:33:24.0937 2748 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
09:33:24.0937 2748 MODEMCSA - ok
09:33:24.0953 2748 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:33:24.0953 2748 Mouclass - ok
09:33:25.0000 2748 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:33:25.0000 2748 mouhid - ok
09:33:25.0015 2748 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:33:25.0015 2748 MountMgr - ok
09:33:25.0046 2748 MPFIREWL (8867e5937ecae0782bdba20c8a6ad586) C:\WINDOWS\system32\Drivers\MpFirewall.sys
09:33:25.0062 2748 MPFIREWL - ok
09:33:25.0078 2748 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:33:25.0078 2748 mraid35x - ok
09:33:25.0125 2748 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:33:25.0125 2748 MRxDAV - ok
09:33:25.0171 2748 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:33:25.0187 2748 MRxSmb - ok
09:33:25.0203 2748 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:33:25.0203 2748 Msfs - ok
09:33:25.0234 2748 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:33:25.0234 2748 MSKSSRV - ok
09:33:25.0250 2748 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:33:25.0250 2748 MSPCLOCK - ok
09:33:25.0265 2748 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:33:25.0265 2748 MSPQM - ok
09:33:25.0296 2748 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:33:25.0312 2748 mssmbios - ok
09:33:25.0328 2748 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:33:25.0328 2748 MSTEE - ok
09:33:25.0343 2748 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
09:33:25.0343 2748 Mup - ok
09:33:25.0375 2748 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:33:25.0375 2748 NABTSFEC - ok
09:33:25.0390 2748 NaiFiltr (102de6d24087fb53ad47ca059a32fb66) C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
09:33:25.0406 2748 NaiFiltr - ok
09:33:25.0437 2748 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:33:25.0437 2748 NDIS - ok
09:33:25.0468 2748 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:33:25.0468 2748 NdisIP - ok
09:33:25.0484 2748 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:33:25.0484 2748 NdisTapi - ok
09:33:25.0500 2748 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:33:25.0500 2748 Ndisuio - ok
09:33:25.0531 2748 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:33:25.0531 2748 NdisWan - ok
09:33:25.0546 2748 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
09:33:25.0546 2748 NDProxy - ok
09:33:25.0578 2748 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:33:25.0578 2748 NetBIOS - ok
09:33:25.0593 2748 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:33:25.0609 2748 NetBT - ok
09:33:25.0640 2748 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:33:25.0640 2748 NIC1394 - ok
09:33:25.0656 2748 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:33:25.0656 2748 Npfs - ok
09:33:25.0703 2748 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:33:25.0703 2748 Ntfs - ok
09:33:25.0734 2748 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:33:25.0734 2748 Null - ok
09:33:26.0437 2748 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:33:27.0062 2748 nv - ok
09:33:27.0171 2748 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:33:27.0171 2748 NwlnkFlt - ok
09:33:27.0203 2748 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:33:27.0203 2748 NwlnkFwd - ok
09:33:27.0234 2748 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:33:27.0234 2748 ohci1394 - ok
09:33:27.0265 2748 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
09:33:27.0265 2748 omci - ok
09:33:27.0296 2748 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:33:27.0296 2748 Parport - ok
09:33:27.0328 2748 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:33:27.0328 2748 PartMgr - ok
09:33:27.0375 2748 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:33:27.0375 2748 ParVdm - ok
09:33:27.0390 2748 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:33:27.0390 2748 PCI - ok
09:33:27.0406 2748 PCIDump - ok
09:33:27.0453 2748 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:33:27.0453 2748 PCIIde - ok
09:33:27.0484 2748 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:33:27.0484 2748 Pcmcia - ok
09:33:27.0500 2748 PDCOMP - ok
09:33:27.0515 2748 PDFRAME - ok
09:33:27.0515 2748 PDRELI - ok
09:33:27.0531 2748 PDRFRAME - ok
09:33:27.0578 2748 PenClass (4a108cc9cc0e0605e68cce7021479879) C:\WINDOWS\system32\Drivers\PenClass.sys
09:33:27.0578 2748 PenClass - ok
09:33:27.0593 2748 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:33:27.0593 2748 perc2 - ok
09:33:27.0609 2748 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:33:27.0609 2748 perc2hib - ok
09:33:27.0671 2748 pnarp (f5ee6aceff997df5f3bf47126c745f6f) C:\WINDOWS\system32\DRIVERS\pnarp.sys
09:33:27.0671 2748 pnarp - ok
09:33:27.0703 2748 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:33:27.0703 2748 PptpMiniport - ok
09:33:27.0734 2748 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:33:27.0734 2748 PSched - ok
09:33:27.0750 2748 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:33:27.0750 2748 Ptilink - ok
09:33:27.0796 2748 purendis (182f9e6d35991c9f0f2fcf007daddcc9) C:\WINDOWS\system32\DRIVERS\purendis.sys
09:33:27.0796 2748 purendis - ok
09:33:27.0843 2748 PxHelp20 (30cbae0a34359f1cd19d1576245149ed) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:33:27.0843 2748 PxHelp20 - ok
09:33:27.0859 2748 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:33:27.0859 2748 ql1080 - ok
09:33:27.0875 2748 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:33:27.0875 2748 Ql10wnt - ok
09:33:27.0890 2748 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:33:27.0890 2748 ql12160 - ok
09:33:27.0906 2748 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:33:27.0906 2748 ql1240 - ok
09:33:27.0921 2748 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:33:27.0921 2748 ql1280 - ok
09:33:27.0968 2748 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:33:27.0968 2748 RasAcd - ok
09:33:28.0000 2748 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:33:28.0000 2748 Rasl2tp - ok
09:33:28.0031 2748 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:33:28.0031 2748 RasPppoe - ok
09:33:28.0046 2748 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:33:28.0046 2748 Raspti - ok
09:33:28.0093 2748 RCFOX (8f1211a58c1bf3b63ca928878ac6deb0) C:\WINDOWS\system32\Drivers\RCFOX.sys
09:33:28.0093 2748 RCFOX - ok
09:33:28.0109 2748 rcvpn (bca39c96b11318cbc2797c4b842e22e4) C:\WINDOWS\system32\DRIVERS\rcvpn.sys
09:33:28.0109 2748 rcvpn - ok
09:33:28.0140 2748 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:33:28.0140 2748 Rdbss - ok
09:33:28.0156 2748 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:33:28.0156 2748 RDPCDD - ok
09:33:28.0187 2748 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:33:28.0187 2748 rdpdr - ok
09:33:28.0218 2748 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
09:33:28.0218 2748 RDPWD - ok
09:33:28.0234 2748 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:33:28.0234 2748 redbook - ok
09:33:28.0296 2748 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:33:28.0296 2748 Secdrv - ok
09:33:28.0359 2748 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:33:28.0359 2748 senfilt - ok
09:33:28.0406 2748 Sentinel (7a46d0a0d1e7a38ead05f7470d095d89) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
09:33:28.0406 2748 Sentinel - ok
09:33:28.0437 2748 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:33:28.0437 2748 serenum - ok
09:33:28.0468 2748 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:33:28.0468 2748 Serial - ok
09:33:28.0500 2748 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:33:28.0500 2748 Sfloppy - ok
09:33:28.0515 2748 Simbad - ok
09:33:28.0531 2748 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:33:28.0546 2748 sisagp - ok
09:33:28.0562 2748 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:33:28.0562 2748 SLIP - ok
09:33:28.0625 2748 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
09:33:28.0625 2748 smwdm - ok
09:33:28.0671 2748 Sntnlusb (87f799c486302aceff098e067d481d9c) C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
09:33:28.0671 2748 Sntnlusb - ok
09:33:28.0718 2748 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:33:28.0718 2748 Sparrow - ok
09:33:28.0750 2748 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:33:28.0750 2748 splitter - ok
09:33:28.0765 2748 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:33:28.0765 2748 sr - ok
09:33:28.0812 2748 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
09:33:28.0812 2748 Srv - ok
09:33:28.0859 2748 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
09:33:28.0859 2748 sscdbhk5 - ok
09:33:28.0875 2748 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
09:33:28.0875 2748 ssrtln - ok
09:33:28.0906 2748 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:33:28.0906 2748 streamip - ok
09:33:28.0937 2748 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:33:28.0937 2748 swenum - ok
09:33:28.0953 2748 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:33:28.0953 2748 swmidi - ok
09:33:28.0968 2748 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:33:28.0968 2748 symc810 - ok
09:33:28.0984 2748 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:33:28.0984 2748 symc8xx - ok
09:33:29.0000 2748 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:33:29.0015 2748 sym_hi - ok
09:33:29.0031 2748 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:33:29.0031 2748 sym_u3 - ok
09:33:29.0062 2748 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:33:29.0062 2748 sysaudio - ok
09:33:29.0125 2748 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:33:29.0125 2748 Tcpip - ok
09:33:29.0156 2748 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:33:29.0156 2748 TDPIPE - ok
09:33:29.0187 2748 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:33:29.0187 2748 TDTCP - ok
09:33:29.0218 2748 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:33:29.0218 2748 TermDD - ok
09:33:29.0281 2748 tfsnboio (1d265cd2fb1673a0873bf8cec19ddc7f) C:\WINDOWS\system32\dla\tfsnboio.sys
09:33:29.0281 2748 tfsnboio - ok
09:33:29.0296 2748 tfsncofs (62e4901295e0467cac78e5b4b131ae5c) C:\WINDOWS\system32\dla\tfsncofs.sys
09:33:29.0296 2748 tfsncofs - ok
09:33:29.0312 2748 tfsndrct (a2f380f9252ab3464c859adf91eead9c) C:\WINDOWS\system32\dla\tfsndrct.sys
09:33:29.0328 2748 tfsndrct - ok
09:33:29.0343 2748 tfsndres (eee79bbefe9c6a2a3ce6c8753cfea950) C:\WINDOWS\system32\dla\tfsndres.sys
09:33:29.0343 2748 tfsndres - ok
09:33:29.0375 2748 tfsnifs (9d644eb11fec9487450c4cfcd63a5df4) C:\WINDOWS\system32\dla\tfsnifs.sys
09:33:29.0390 2748 tfsnifs - ok
09:33:29.0421 2748 tfsnopio (e656af05c67edb7c0e9230a5df71ed1b) C:\WINDOWS\system32\dla\tfsnopio.sys
09:33:29.0421 2748 tfsnopio - ok
09:33:29.0437 2748 tfsnpool (64fccb9cce703ca507dffc3cebf6b2cb) C:\WINDOWS\system32\dla\tfsnpool.sys
09:33:29.0437 2748 tfsnpool - ok
09:33:29.0453 2748 tfsnudf (48bc9d8ab4e4b9bff70fb18e55cec3d6) C:\WINDOWS\system32\dla\tfsnudf.sys
09:33:29.0453 2748 tfsnudf - ok
09:33:29.0484 2748 tfsnudfa (79f60822224256b49bfc855da8d651d5) C:\WINDOWS\system32\dla\tfsnudfa.sys
09:33:29.0484 2748 tfsnudfa - ok
09:33:29.0500 2748 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:33:29.0500 2748 TosIde - ok
09:33:29.0546 2748 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:33:29.0546 2748 Udfs - ok
09:33:29.0562 2748 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:33:29.0562 2748 ultra - ok
09:33:29.0625 2748 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:33:29.0625 2748 Update - ok
09:33:29.0671 2748 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:33:29.0671 2748 usbccgp - ok
09:33:29.0687 2748 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:33:29.0687 2748 usbehci - ok
09:33:29.0703 2748 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:33:29.0718 2748 usbhub - ok
09:33:29.0718 2748 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:33:29.0734 2748 USBSTOR - ok
09:33:29.0750 2748 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:33:29.0750 2748 usbuhci - ok
09:33:29.0765 2748 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:33:29.0765 2748 VgaSave - ok
09:33:29.0781 2748 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:33:29.0781 2748 viaagp - ok
09:33:29.0796 2748 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:33:29.0796 2748 ViaIde - ok
09:33:29.0812 2748 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:33:29.0812 2748 VolSnap - ok
09:33:29.0859 2748 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:33:29.0859 2748 Wanarp - ok
09:33:29.0890 2748 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
09:33:29.0890 2748 wanatw - ok
09:33:29.0921 2748 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
09:33:29.0921 2748 WDC_SAM - ok
09:33:29.0953 2748 WDICA - ok
09:33:29.0968 2748 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:33:29.0984 2748 wdmaud - ok
09:33:30.0015 2748 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:33:30.0031 2748 winachsf - ok
09:33:30.0093 2748 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:33:30.0093 2748 WSTCODEC - ok
09:33:30.0140 2748 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
09:33:30.0140 2748 \Device\Harddisk0\DR0 - ok
09:33:30.0156 2748 Boot (0x1200) (edadc84e916721c327742a541f598811) \Device\Harddisk0\DR0\Partition0
09:33:30.0156 2748 \Device\Harddisk0\DR0\Partition0 - ok
09:33:30.0156 2748 ============================================================
09:33:30.0156 2748 Scan finished
09:33:30.0156 2748 ============================================================
09:33:30.0171 3468 Detected object count: 0
09:33:30.0171 3468 Actual detected object count: 0
09:34:26.0046 3584 ============================================================
09:34:26.0046 3584 Scan started
09:34:26.0046 3584 Mode: Manual;
09:34:26.0046 3584 ============================================================
09:34:28.0937 3584 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:34:28.0937 3584 MSPCLOCK - ok
09:34:28.0968 3584 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:34:28.0968 3584 MSPQM - ok
09:34:29.0015 3584 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:34:29.0015 3584 mssmbios - ok
09:34:29.0031 3584 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:34:29.0031 3584 MSTEE - ok
09:34:29.0046 3584 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
09:34:29.0046 3584 Mup - ok
09:34:29.0078 3584 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:34:29.0078 3584 NABTSFEC - ok
09:34:29.0109 3584 NaiFiltr (102de6d24087fb53ad47ca059a32fb66) C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
09:34:29.0109 3584 NaiFiltr - ok
09:34:29.0156 3584 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:34:29.0156 3584 NDIS - ok
09:34:29.0171 3584 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:34:29.0171 3584 NdisIP - ok
09:34:29.0203 3584 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:34:29.0203 3584 NdisTapi - ok
09:34:29.0218 3584 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:34:29.0218 3584 Ndisuio - ok
09:34:29.0234 3584 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:34:29.0234 3584 NdisWan - ok
09:34:29.0250 3584 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
09:34:29.0250 3584 NDProxy - ok
09:34:29.0265 3584 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:34:29.0265 3584 NetBIOS - ok
09:34:29.0296 3584 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:34:29.0296 3584 NetBT - ok
09:34:29.0328 3584 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:34:29.0328 3584 NIC1394 - ok
09:34:29.0359 3584 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:34:29.0359 3584 Npfs - ok
09:34:29.0390 3584 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:34:29.0390 3584 Ntfs - ok
09:34:29.0421 3584 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:34:29.0421 3584 Null - ok
09:34:30.0125 3584 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:34:30.0187 3584 nv - ok
09:34:30.0296 3584 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:34:30.0296 3584 NwlnkFlt - ok
09:34:30.0312 3584 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:34:30.0312 3584 NwlnkFwd - ok
09:34:30.0343 3584 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:34:30.0343 3584 ohci1394 - ok
09:34:30.0390 3584 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
09:34:30.0390 3584 omci - ok
09:34:30.0421 3584 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:34:30.0421 3584 Parport - ok
09:34:30.0437 3584 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:34:30.0437 3584 PartMgr - ok
09:34:30.0484 3584 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:34:30.0484 3584 ParVdm - ok
09:34:30.0500 3584 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:34:30.0500 3584 PCI - ok
09:34:30.0515 3584 PCIDump - ok
09:34:30.0562 3584 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:34:30.0562 3584 PCIIde - ok
09:34:30.0593 3584 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:34:30.0593 3584 Pcmcia - ok
09:34:30.0593 3584 PDCOMP - ok
09:34:30.0609 3584 PDFRAME - ok
09:34:30.0625 3584 PDRELI - ok
09:34:30.0640 3584 PDRFRAME - ok
09:34:30.0671 3584 PenClass (4a108cc9cc0e0605e68cce7021479879) C:\WINDOWS\system32\Drivers\PenClass.sys
09:34:30.0687 3584 PenClass - ok
09:34:30.0687 3584 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:34:30.0687 3584 perc2 - ok
09:34:30.0703 3584 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:34:30.0703 3584 perc2hib - ok
09:34:30.0765 3584 pnarp (f5ee6aceff997df5f3bf47126c745f6f) C:\WINDOWS\system32\DRIVERS\pnarp.sys
09:34:30.0765 3584 pnarp - ok
09:34:30.0812 3584 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:34:30.0812 3584 PptpMiniport - ok
09:34:30.0828 3584 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:34:30.0828 3584 PSched - ok
09:34:30.0859 3584 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:34:30.0859 3584 Ptilink - ok
09:34:30.0890 3584 purendis (182f9e6d35991c9f0f2fcf007daddcc9) C:\WINDOWS\system32\DRIVERS\purendis.sys
09:34:30.0890 3584 purendis - ok
09:34:30.0937 3584 PxHelp20 (30cbae0a34359f1cd19d1576245149ed) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:34:30.0937 3584 PxHelp20 - ok
09:34:30.0968 3584 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:34:30.0968 3584 ql1080 - ok
09:34:30.0984 3584 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:34:30.0984 3584 Ql10wnt - ok
09:34:31.0000 3584 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:34:31.0000 3584 ql12160 - ok
09:34:31.0015 3584 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:34:31.0015 3584 ql1240 - ok
09:34:31.0031 3584 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:34:31.0031 3584 ql1280 - ok
09:34:31.0078 3584 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:34:31.0078 3584 RasAcd - ok
09:34:31.0109 3584 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:34:31.0109 3584 Rasl2tp - ok
09:34:31.0125 3584 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:34:31.0125 3584 RasPppoe - ok
09:34:31.0140 3584 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:34:31.0140 3584 Raspti - ok
09:34:31.0171 3584 RCFOX (8f1211a58c1bf3b63ca928878ac6deb0) C:\WINDOWS\system32\Drivers\RCFOX.sys
09:34:31.0171 3584 RCFOX - ok
09:34:31.0203 3584 rcvpn (bca39c96b11318cbc2797c4b842e22e4) C:\WINDOWS\system32\DRIVERS\rcvpn.sys
09:34:31.0203 3584 rcvpn - ok
09:34:31.0218 3584 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:34:31.0218 3584 Rdbss - ok
09:34:31.0234 3584 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:34:31.0234 3584 RDPCDD - ok
09:34:31.0281 3584 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:34:31.0281 3584 rdpdr - ok
09:34:31.0296 3584 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
09:34:31.0296 3584 RDPWD - ok
09:34:31.0328 3584 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:34:31.0328 3584 redbook - ok
09:34:31.0375 3584 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:34:31.0375 3584 Secdrv - ok
09:34:31.0437 3584 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:34:31.0437 3584 senfilt - ok
09:34:31.0484 3584 Sentinel (7a46d0a0d1e7a38ead05f7470d095d89) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
09:34:31.0484 3584 Sentinel - ok
09:34:31.0500 3584 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:34:31.0500 3584 serenum - ok
09:34:31.0515 3584 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:34:31.0515 3584 Serial - ok
09:34:31.0531 3584 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:34:31.0531 3584 Sfloppy - ok
09:34:31.0562 3584 Simbad - ok
09:34:31.0578 3584 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:34:31.0578 3584 sisagp - ok
09:34:31.0609 3584 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:34:31.0609 3584 SLIP - ok
09:34:31.0656 3584 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
09:34:31.0671 3584 smwdm - ok
09:34:31.0703 3584 Sntnlusb (87f799c486302aceff098e067d481d9c) C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
09:34:31.0703 3584 Sntnlusb - ok
09:34:31.0750 3584 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:34:31.0750 3584 Sparrow - ok
09:34:31.0765 3584 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:34:31.0765 3584 splitter - ok
09:34:31.0781 3584 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:34:31.0781 3584 sr - ok
09:34:31.0812 3584 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
09:34:31.0812 3584 Srv - ok
09:34:31.0859 3584 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
09:34:31.0859 3584 sscdbhk5 - ok
09:34:31.0906 3584 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
09:34:31.0906 3584 ssrtln - ok
09:34:31.0937 3584 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:34:31.0937 3584 streamip - ok
09:34:31.0968 3584 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:34:31.0968 3584 swenum - ok
09:34:31.0984 3584 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:34:31.0984 3584 swmidi - ok
09:34:32.0000 3584 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:34:32.0000 3584 symc810 - ok
09:34:32.0015 3584 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:34:32.0015 3584 symc8xx - ok
09:34:32.0031 3584 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:34:32.0031 3584 sym_hi - ok
09:34:32.0062 3584 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:34:32.0062 3584 sym_u3 - ok
09:34:32.0078 3584 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:34:32.0078 3584 sysaudio - ok
09:34:32.0140 3584 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:34:32.0140 3584 Tcpip - ok
09:34:32.0156 3584 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:34:32.0156 3584 TDPIPE - ok
09:34:32.0171 3584 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:34:32.0171 3584 TDTCP - ok
09:34:32.0203 3584 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:34:32.0203 3584 TermDD - ok
09:34:32.0281 3584 tfsnboio (1d265cd2fb1673a0873bf8cec19ddc7f) C:\WINDOWS\system32\dla\tfsnboio.sys
09:34:32.0281 3584 tfsnboio - ok
09:34:32.0281 3584 tfsncofs (62e4901295e0467cac78e5b4b131ae5c) C:\WINDOWS\system32\dla\tfsncofs.sys
09:34:32.0296 3584 tfsncofs - ok
09:34:32.0296 3584 tfsndrct (a2f380f9252ab3464c859adf91eead9c) C:\WINDOWS\system32\dla\tfsndrct.sys
09:34:32.0296 3584 tfsndrct - ok
09:34:32.0312 3584 tfsndres (eee79bbefe9c6a2a3ce6c8753cfea950) C:\WINDOWS\system32\dla\tfsndres.sys
09:34:32.0312 3584 tfsndres - ok
09:34:32.0359 3584 tfsnifs (9d644eb11fec9487450c4cfcd63a5df4) C:\WINDOWS\system32\dla\tfsnifs.sys
09:34:32.0359 3584 tfsnifs - ok
09:34:32.0390 3584 tfsnopio (e656af05c67edb7c0e9230a5df71ed1b) C:\WINDOWS\system32\dla\tfsnopio.sys
09:34:32.0390 3584 tfsnopio - ok
09:34:32.0406 3584 tfsnpool (64fccb9cce703ca507dffc3cebf6b2cb) C:\WINDOWS\system32\dla\tfsnpool.sys
09:34:32.0406 3584 tfsnpool - ok
09:34:32.0421 3584 tfsnudf (48bc9d8ab4e4b9bff70fb18e55cec3d6) C:\WINDOWS\system32\dla\tfsnudf.sys
09:34:32.0421 3584 tfsnudf - ok
09:34:32.0437 3584 tfsnudfa (79f60822224256b49bfc855da8d651d5) C:\WINDOWS\system32\dla\tfsnudfa.sys
09:34:32.0437 3584 tfsnudfa - ok
09:34:32.0468 3584 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:34:32.0468 3584 TosIde - ok
09:34:32.0515 3584 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:34:32.0515 3584 Udfs - ok
09:34:32.0531 3584 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:34:32.0531 3584 ultra - ok
09:34:32.0562 3584 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:34:32.0578 3584 Update - ok
09:34:32.0609 3584 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:34:32.0609 3584 usbccgp - ok
09:34:32.0640 3584 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:34:32.0640 3584 usbehci - ok
09:34:32.0671 3584 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:34:32.0671 3584 usbhub - ok
09:34:32.0687 3584 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:34:32.0687 3584 USBSTOR - ok
09:34:32.0687 3584 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:34:32.0703 3584 usbuhci - ok
09:34:32.0703 3584 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:34:32.0703 3584 VgaSave - ok
09:34:32.0734 3584 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:34:32.0734 3584 viaagp - ok
09:34:32.0750 3584 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:34:32.0750 3584 ViaIde - ok
09:34:32.0765 3584 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:34:32.0765 3584 VolSnap - ok
09:34:32.0796 3584 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:34:32.0796 3584 Wanarp - ok
09:34:32.0828 3584 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
09:34:32.0828 3584 wanatw - ok
09:34:32.0875 3584 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
09:34:32.0875 3584 WDC_SAM - ok
09:34:32.0890 3584 WDICA - ok
09:34:32.0921 3584 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:34:32.0921 3584 wdmaud - ok
09:34:32.0968 3584 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:34:32.0968 3584 winachsf - ok
09:34:33.0031 3584 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:34:33.0031 3584 WSTCODEC - ok
09:34:33.0078 3584 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
09:34:33.0078 3584 \Device\Harddisk0\DR0 - ok
09:34:33.0093 3584 Boot (0x1200) (edadc84e916721c327742a541f598811) \Device\Harddisk0\DR0\Partition0
09:34:33.0093 3584 \Device\Harddisk0\DR0\Partition0 - ok
09:34:33.0093 3584 ============================================================
09:34:33.0093 3584 Scan finished
09:34:33.0093 3584 ============================================================
09:34:33.0109 1436 Detected object count: 0
09:34:33.0109 1436 Actual detected object count: 0

#6 gringo_pr

Posted 11 November 2011 - 11:20 AM

Hello

OK, let's try this. I want you to run ComboFix in Safe Mode, but it is very important that when ComboFix reboots the computer, you direct it back into Safe Mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Log in on your usual account.

After ComboFix has finished its scan, please post the report back here.

Gringo


Last edited by gringo_pr on Sat 11 Sep, 2010 11:32 pm, edited 2 times in total.

#7 mitchell26

Posted 11 November 2011 - 12:55 PM

OK, ran ComboFix.exe successfully from safe mode, no reboots required. That seems to have worked. Everything is running smooth, Google and Bing are back, no redirects. Thanks for the help, Gringo!

Also, which virus protection program do you guys think is the best one to use?

My combofix.txt:

ComboFix 11-11-11.02 - Chris Kelson 11/11/2011 10:46:28.1.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.662 [GMT -8:00]
Running from: c:\documents and settings\Chris Kelson\Desktop\ComboFix.exe
FW: Personal Firewall Plus *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
c:\documents and settings\All Users\Start Menu\Programs\Startup\TabUserW.exe.lnk
c:\documents and settings\Chris Kelson\WINDOWS
c:\windows\dasetup.log
c:\windows\system32\ijl11.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-10-11 to 2011-11-11 )))))))))))))))))))))))))))))))
.
.
2011-11-08 09:33 . 2011-11-08 17:07 -------- d-----w- C:\bleeping
2011-11-08 08:23 . 2011-11-08 08:23 -------- d-----w- c:\documents and settings\UpdatusUser
2011-11-08 08:23 . 2011-11-08 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2011-11-08 08:20 . 2011-10-08 04:50 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-11-08 08:20 . 2011-11-08 08:46 286052 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-11-08 08:20 . 2011-11-08 08:46 286052 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-11-08 08:20 . 2011-11-08 08:46 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-11-08 08:19 . 2011-10-08 04:50 65536 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-08 08:19 . 2011-10-08 04:50 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-11-08 08:19 . 2011-10-08 04:50 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-11-08 08:19 . 2011-10-08 04:50 17240064 ----a-w- c:\windows\system32\nvcompiler.dll
2011-11-08 06:50 . 2011-11-08 06:50 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2011-11-08 06:29 . 2011-11-08 06:29 -------- d-----w- c:\documents and settings\Chris Kelson\Local Settings\Application Data\Western_Digital
2011-10-21 03:11 . 2011-10-21 03:11 -------- d-----w- c:\documents and settings\Chris Kelson\Local Settings\Application Data\Chromium
2011-10-21 03:06 . 2011-11-06 03:23 -------- d-----w- c:\documents and settings\Chris Kelson\Application Data\Might & Magic Heroes VI
2011-10-21 03:00 . 2010-06-02 12:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-10-21 03:00 . 2010-06-02 12:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-10-21 03:00 . 2010-06-02 12:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-10-21 03:00 . 2010-05-26 19:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-10-21 03:00 . 2010-05-26 19:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-10-21 03:00 . 2010-05-26 19:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-10-21 03:00 . 2010-05-26 19:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-10-21 03:00 . 2010-02-04 18:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 04:50 . 2009-08-10 01:40 2398016 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-08 04:50 . 2009-08-10 01:40 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-08 04:50 . 2009-07-14 21:35 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-10-08 04:50 . 2009-07-14 21:34 298304 ----a-w- c:\windows\system32\nvsvc32.exe
2011-10-08 04:50 . 2009-07-14 21:34 220992 ----a-w- c:\windows\system32\nvcolor.exe
2011-10-08 04:50 . 2009-07-14 21:34 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-08 04:50 . 2009-07-14 21:34 16744256 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-08 04:50 . 2007-12-05 09:41 5595136 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-08 04:50 . 2007-12-05 09:41 2449408 ----a-w- c:\windows\system32\nvapi.dll
2011-10-08 04:50 . 2007-12-05 09:41 17956864 ----a-w- c:\windows\system32\nvoglnt.dll
2011-10-08 04:50 . 2004-08-04 06:56 4226688 ----a-w- c:\windows\system32\nv4_disp.dll
2011-10-08 04:50 . 2004-08-04 04:29 12791488 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-09-01 01:00 . 2011-07-06 00:10 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-20 00:17 . 2010-03-07 06:18 6284664 ----a-w- C:\Silverlight.exe
2011-07-05 07:46 . 2011-07-05 07:46 5154304 ----a-w- c:\program files\WindowsDefender.msi
2009-10-24 23:14 . 2009-10-24 23:14 1364995 ----a-w- c:\program files\CamStudio20.exe
2011-10-10 16:51 . 2011-05-19 16:48 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-01 149280]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-09-23 303104]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 212992]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-01-06 26112]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2004-08-22 1327104]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2007-03-14 321088]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-15 623992]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
.
c:\documents and settings\Chris Kelson\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-8-30 576000]
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
PowerReg SchedulerV2.exe [2005-4-12 256000]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-1-14 108544]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
AT&T Self Support Tool.lnk - c:\program files\SBC Self Support Tool\bin\matcli.exe [2006-11-4 217088]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-1-5 24576]
EPSON Status Monitor 3 Environment Check.lnk - c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV03.EXE [2000-2-2 222720]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-1-5 156784]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2003-12-10 12:52 380928 ----a-w- c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Maya8.0\\bin\\maya.exe"=
"c:\\Program Files\\FileZilla Client\\filezilla.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\jobstuff\\GS60\\setupTool.exe"=
"c:\\Program Files\\SonicWALL\\SonicWALL Global VPN Client\\SWGVpnClient.exe"=
"c:\\Program Files\\BREW 3.1.5\\sdk\\bin\\BREW_Simulator.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:Gosub60
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
.
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S1 RCFOX;SonicWALL IPsec Driver;c:\windows\SYSTEM32\DRIVERS\RCFOX.SYS [10/12/2008 8:14 PM 86552]
S2 maya65docserver;Maya 6.5 Documentation Server;c:\maya6.5\docs\wrapper.exe -s c:\maya6.5\docs\Wrapper.conf --> c:\maya6.5\docs\wrapper.exe -s c:\maya6.5\docs\Wrapper.conf [?]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [11/8/2011 12:23 AM 2253120]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [9/8/2010 10:41 AM 237056]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [9/8/2010 10:45 AM 1034752]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [9/8/2010 10:44 AM 484352]
S3 misalign;Data Misalignment Exception Kernel Driver;c:\windows\SYSTEM32\DRIVERS\misalign.sys [10/20/2008 8:29 PM 8832]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\SYSTEM32\DRIVERS\rcvpn.sys [10/12/2008 8:13 PM 24876]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\SYSTEM32\DRIVERS\wdcsam.sys [5/14/2011 5:53 PM 11520]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 01:57]
.
2011-11-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 03:20]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Display All Images with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "c:\program files\NetZero\qsacc\appres.dll/227"
Trusted Zone: turbotax.com
TCP: Interfaces\{52B54A82-BC38-4B7C-99FD-1B337C2621A2}: NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{99BD8913-9D94-40B3-9F68-122D4B3896C3}: NameServer = 68.94.156.1,68.94.157.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Chris Kelson\Application Data\Mozilla\Firefox\Profiles\n17zsaa7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/watch?v=lArQZp30Vsw
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{56BF541C-B47A-4466-9042-ED9F112D5579} - c:\windows\system32\fkacfka.dll
AddRemove-Active WebCam - c:\program files\Active WebCam\PY_UNINSTAL.EXE SOFTWARE\PySoft\Act_WebCam
AddRemove-Galactic Civilizations II - c:\games\GalCiv2\UNWISE.EXE
AddRemove-MSNINST - c:\program files\MSN\MsnInstaller\msninst.exe
AddRemove-Steam App 211 - c:\games\steam\steam.exe
AddRemove-UnityWebPlayer - c:\documents and settings\Chris Kelson\Local Settings\Application Data\Unity\WebPlayer\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-11 11:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-113028133-3109920238-1876252334-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:33,5a,25,be,c2,4f,c4,79,8c,8c,cf,90,82,6d,b0,f1,bb,55,e9,04,d2,e3,b0,
93,b3,88,b0,ef,14,86,d4,7c,b3,56,53,ca,13,eb,74,40,a9,48,2b,d7,45,30,28,6b,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-113028133-3109920238-1876252334-1006\Software\SecuROM\License information*]
"datasecu"=hex:6c,1d,37,8b,54,c0,56,4b,aa,1a,31,ef,a2,d8,1b,11,85,2c,2a,4f,69,
a7,a4,d2,41,5f,db,e6,20,0c,0a,9e,35,1c,32,e0,11,70,be,57,ce,8d,85,d9,f7,cb,\
"rkeysecu"=hex:00,dc,6f,2d,be,1c,7e,d6,81,d8,7e,7e,d5,3a,7e,45
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(240)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-11-11 11:03:07
ComboFix-quarantined-files.txt 2011-11-11 19:03
.
Pre-Run: 11,522,859,008 bytes free
Post-Run: 26,061,078,528 bytes free
.
- - End Of File - - 0C82D5DA4167E3EA5D353A3B1503D36B

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:45 AM

Posted 12 November 2011 - 01:02 AM

Greetings

Good. That cleaned up some bad guys, but I see some other stuff that we need to go after, so I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

Edited by gringo_pr, 12 November 2011 - 01:03 AM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

Posted 16 November 2011 - 10:11 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#10 gringo_pr

Posted 19 November 2011 - 12:20 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

#11 mitchell26

Posted 23 November 2011 - 01:12 PM

UGH. So I ran ComboFix with the CFScript.txt, and now my machine won't reboot. If I move quickly, I can get it to start safe mode or recovery console or any other option, but within 5 seconds or so the monitor goes black. It's like it times out or something. Help!

Edited by mitchell26, 23 November 2011 - 02:27 PM.


#12 gringo_pr

Posted 23 November 2011 - 08:22 PM

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and when finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Remove the USB & CD and insert them in the sick computer
  • Boot the sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Remove the USB drive and insert it back in your working computer and navigate to report.txt

    Please note - all text entries are case sensitive
Copy and paste the report.txt for my review

#13 gringo_pr

Posted 28 November 2011 - 01:32 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#14 gringo_pr

Posted 02 December 2011 - 03:32 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.