
Trojans, redirections, fake Virus alerts - Malwarebytes/Superantispyware don't seem to work


  • This topic is locked
7 replies to this topic

#1 davidgarfield


Posted 27 November 2011 - 02:41 PM

Hi everyone:

So, as of about two days ago, my computer seems to have been hit with a variety of problems - although not at the same time. Pretty much I will have one issue, do a scan with Malwarebytes, or another software, clear out the issues, and then another problem comes up. It seems to sort of rotate. But - what I've had so far are 1) redirections to random websites, 2) when I search in Google, I'll click on something, and then THAT leads me to a random site, and 3) websites won't load at all, and I just get a warning telling me the site is dangerous, and that I should buy virus protection.

On top of this - as of like two days ago, there was money taken out of my bank account. Not sure that's connected - but seems like it might be. I've already cancelled the card, just in case.

Anyone who's out there and can help, please let me know what I should do next - and what I should post here to help you assist me. I thank you SO much in advance....



#2 boopme


Posted 27 November 2011 - 03:02 PM

Hello, I moved you to the Am I Infected forum.

Please post your last MBAM log.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (2.6.11.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 davidgarfield


Posted 27 November 2011 - 03:28 PM

Hi there:

Well, I guess I'll be posting what was suggested in both of the replies - so bear with me - here's the info. Below I've listed the MBAM LOG, the info for the TDSSKILLER, DDS.TXT, and ATTACH.TXT. I didn't do the GMER Log because I have a 64 bit version of Windows.


THIS IS THE FULL LAST MBAM LOG:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8253

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

11/27/2011 3:09:34 PM
mbam-log-2011-11-27 (15-09-34).txt

Scan type: Quick scan
Objects scanned: 186270
Time elapsed: 2 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I RAN THE TDSSKILLER, AND IT TOLD ME NOTHING WAS FOUND. HOWEVER, IF YOU STILL NEED THE LOG OF THAT, HERE IT IS:


15:11:46.0666 1816 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
15:11:46.0994 1816 ============================================================
15:11:46.0994 1816 Current date / time: 2011/11/27 15:11:46.0994
15:11:46.0994 1816 SystemInfo:
15:11:46.0994 1816
15:11:46.0994 1816 OS Version: 6.1.7601 ServicePack: 1.0
15:11:46.0994 1816 Product type: Workstation
15:11:46.0994 1816 ComputerName: DAVIDGARFIELD
15:11:46.0994 1816 UserName: David Garfield
15:11:46.0994 1816 Windows directory: C:\Windows
15:11:46.0994 1816 System windows directory: C:\Windows
15:11:46.0994 1816 Running under WOW64
15:11:46.0994 1816 Processor architecture: Intel x64
15:11:46.0994 1816 Number of processors: 4
15:11:46.0994 1816 Page size: 0x1000
15:11:46.0994 1816 Boot type: Normal boot
15:11:46.0994 1816 ============================================================
15:11:47.0384 1816 Initialize success
15:11:58.0273 4232 ============================================================
15:11:58.0273 4232 Scan started
15:11:58.0273 4232 Mode: Manual;
15:11:58.0273 4232 ============================================================
15:12:13.0093 4232 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:12:13.0108 4232 srvnet - ok
15:12:13.0171 4232 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
15:12:13.0171 4232 stdcfltn - ok
15:12:13.0233 4232 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:12:13.0233 4232 stexstor - ok
15:12:13.0296 4232 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:12:13.0296 4232 swenum - ok
15:12:13.0374 4232 SynTP (36f506c894e1ea59c65faf6398bdf49a) C:\Windows\system32\DRIVERS\SynTP.sys
15:12:13.0405 4232 SynTP - ok
15:12:13.0514 4232 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:12:13.0561 4232 Tcpip - ok
15:12:13.0608 4232 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:12:13.0608 4232 TCPIP6 - ok
15:12:13.0670 4232 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:12:13.0670 4232 tcpipreg - ok
15:12:13.0717 4232 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:12:13.0732 4232 TDPIPE - ok
15:12:13.0748 4232 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:12:13.0748 4232 TDTCP - ok
15:12:13.0810 4232 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:12:13.0810 4232 tdx - ok
15:12:13.0842 4232 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:12:13.0842 4232 TermDD - ok
15:12:13.0920 4232 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:12:13.0920 4232 tssecsrv - ok
15:12:13.0982 4232 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:12:13.0982 4232 TsUsbFlt - ok
15:12:14.0044 4232 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:12:14.0044 4232 tunnel - ok
15:12:14.0107 4232 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
15:12:14.0107 4232 TurboB - ok
15:12:14.0122 4232 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:12:14.0138 4232 uagp35 - ok
15:12:14.0185 4232 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:12:14.0185 4232 udfs - ok
15:12:14.0247 4232 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:12:14.0263 4232 uliagpkx - ok
15:12:14.0278 4232 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:12:14.0278 4232 umbus - ok
15:12:14.0310 4232 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:12:14.0310 4232 UmPass - ok
15:12:14.0372 4232 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:12:14.0372 4232 USBAAPL64 - ok
15:12:14.0434 4232 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:12:14.0434 4232 usbaudio - ok
15:12:14.0497 4232 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:12:14.0497 4232 usbccgp - ok
15:12:14.0544 4232 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:12:14.0575 4232 usbcir - ok
15:12:14.0622 4232 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:12:14.0637 4232 usbehci - ok
15:12:14.0715 4232 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:12:14.0731 4232 usbhub - ok
15:12:14.0746 4232 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:12:14.0746 4232 usbohci - ok
15:12:14.0824 4232 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:12:14.0824 4232 usbprint - ok
15:12:14.0856 4232 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:12:14.0856 4232 USBSTOR - ok
15:12:14.0887 4232 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:12:14.0887 4232 usbuhci - ok
15:12:14.0965 4232 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
15:12:14.0965 4232 usbvideo - ok
15:12:15.0027 4232 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:12:15.0027 4232 vdrvroot - ok
15:12:15.0074 4232 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:12:15.0074 4232 vga - ok
15:12:15.0090 4232 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:12:15.0105 4232 VgaSave - ok
15:12:15.0136 4232 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:12:15.0136 4232 vhdmp - ok
15:12:15.0199 4232 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:12:15.0199 4232 viaide - ok
15:12:15.0230 4232 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:12:15.0230 4232 volmgr - ok
15:12:15.0277 4232 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:12:15.0292 4232 volmgrx - ok
15:12:15.0308 4232 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:12:15.0324 4232 volsnap - ok
15:12:15.0339 4232 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:12:15.0339 4232 vsmraid - ok
15:12:15.0370 4232 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:12:15.0370 4232 vwifibus - ok
15:12:15.0386 4232 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:12:15.0386 4232 vwififlt - ok
15:12:15.0448 4232 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:12:15.0448 4232 vwifimp - ok
15:12:15.0480 4232 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:12:15.0480 4232 WacomPen - ok
15:12:15.0558 4232 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:12:15.0558 4232 WANARP - ok
15:12:15.0589 4232 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:12:15.0589 4232 Wanarpv6 - ok
15:12:15.0651 4232 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:12:15.0651 4232 Wd - ok
15:12:15.0729 4232 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:12:15.0760 4232 Wdf01000 - ok
15:12:15.0838 4232 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:12:15.0838 4232 WfpLwf - ok
15:12:15.0870 4232 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
15:12:15.0870 4232 WimFltr - ok
15:12:15.0901 4232 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:12:15.0901 4232 WIMMount - ok
15:12:15.0994 4232 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:12:16.0010 4232 WinUsb - ok
15:12:16.0072 4232 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:12:16.0072 4232 WmiAcpi - ok
15:12:16.0135 4232 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:12:16.0150 4232 ws2ifsl - ok
15:12:16.0213 4232 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:12:16.0213 4232 WudfPf - ok
15:12:16.0275 4232 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:12:16.0291 4232 WUDFRd - ok
15:12:16.0322 4232 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:12:16.0322 4232 \Device\Harddisk0\DR0 - ok
15:12:16.0338 4232 Boot (0x1200) (18ae7c98ae07d726ef8ace2808fa44c5) \Device\Harddisk0\DR0\Partition0
15:12:16.0338 4232 \Device\Harddisk0\DR0\Partition0 - ok
15:12:16.0353 4232 Boot (0x1200) (5f15e0e027dc6cd6cbfa945e652fbe66) \Device\Harddisk0\DR0\Partition1
15:12:16.0353 4232 \Device\Harddisk0\DR0\Partition1 - ok
15:12:16.0353 4232 ============================================================
15:12:16.0353 4232 Scan finished
15:12:16.0353 4232 ============================================================
15:12:16.0369 4988 Detected object count: 0
15:12:16.0369 4988 Actual detected object count: 0
15:12:48.0099 4944 Deinitialize success

Edited by Orange Blossom, 27 November 2011 - 03:38 PM.
Removed DDS logs. ~ OB


#4 davidgarfield


Posted 27 November 2011 - 03:36 PM

Also - perhaps worth mentioning - if I go into my Task Manager under Processes, if I click for Processes for All Users, a process entitled PING.EXE shows up, and seems to take up a lot of CPU. I've closed it down, but then eventually it just opens up again. Not sure if this is useful - but figured I'd pass along.

Again - thanks for helping out with this!

#5 Orange Blossom


Posted 27 November 2011 - 03:37 PM

Oops. boopme moved this topic without my knowledge. Please follow boopme's instructions.

I'm removing the DDS logs as they are restricted to the log forum.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


#6 boopme


Posted 27 November 2011 - 03:56 PM

Rats!! Had I known it was a PING EXE infection, I would have left it. I thought I would save you some time.
But now we need you to go back and post the DDS logs again.
Title the new post

PING EXE infection


If needed

Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.

#7 davidgarfield


Posted 27 November 2011 - 04:41 PM

Thanks so much - just posted in the new thread:

http://www.bleepingcomputer.com/forums/topic429597.html

Thanks!

#8 Orange Blossom


Posted 27 November 2011 - 06:28 PM

Hello,

Now for the hard and frustrating part: waiting.

Now that you have posted a log, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry: