Virus is preventing Malwarebytes from running in safemode


  • This topic is locked
3 replies to this topic

#1 NYCBella


Posted 04 December 2011 - 12:09 PM

It appears as though a virus is preventing Malwarebytes from running, even in Safe Mode.

I downloaded TDSSKiller.exe and there were 4 medium threats -- which are quarantined.

I also downloaded rKill.exe (see log below).

As a final attempt I downloaded ComboFix and the report is below, but I still can't run MBAM in Safe Mode. Are there any experts that know how I can remove this virus...? Thanks.

23:55:39.0527 3216 TDTCP - ok
23:55:39.0901 3216 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:55:39.0964 3216 tdx - ok
23:55:40.0011 3216 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:55:40.0026 3216 TermDD - ok
23:55:40.0104 3216 tifsfilter (644c4d0cd5edec837cdaa358f4406457) C:\Windows\system32\DRIVERS\tifsfilt.sys
23:55:40.0135 3216 tifsfilter - ok
23:55:40.0650 3216 timounter (8719ed3b8c9c24168da7198a4f5922a3) C:\Windows\system32\DRIVERS\timntr.sys
23:55:40.0697 3216 timounter - ok
23:55:41.0415 3216 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:55:41.0524 3216 tssecsrv - ok
23:55:41.0695 3216 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:55:41.0742 3216 TsUsbFlt - ok
23:55:41.0836 3216 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:55:41.0914 3216 tunnel - ok
23:55:42.0085 3216 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
23:55:42.0117 3216 TVICHW64 - ok
23:55:42.0148 3216 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:55:42.0195 3216 uagp35 - ok
23:55:42.0241 3216 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:55:42.0288 3216 udfs - ok
23:55:42.0397 3216 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:55:42.0444 3216 uliagpkx - ok
23:55:42.0600 3216 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:55:42.0663 3216 umbus - ok
23:55:42.0725 3216 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:55:42.0787 3216 UmPass - ok
23:55:42.0897 3216 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:55:42.0944 3216 usbccgp - ok
23:55:43.0115 3216 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:55:43.0178 3216 usbcir - ok
23:55:43.0209 3216 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:55:43.0240 3216 usbehci - ok
23:55:43.0349 3216 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:55:43.0412 3216 usbhub - ok
23:55:43.0599 3216 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:55:43.0630 3216 usbohci - ok
23:55:43.0739 3216 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:55:43.0786 3216 usbprint - ok
23:55:43.0895 3216 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:55:43.0958 3216 usbscan - ok
23:55:44.0145 3216 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
23:55:44.0223 3216 USBSTOR - ok
23:55:44.0332 3216 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:55:44.0394 3216 usbuhci - ok
23:55:44.0582 3216 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:55:44.0628 3216 usbvideo - ok
23:55:44.0706 3216 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
23:55:44.0769 3216 usb_rndisx - ok
23:55:44.0862 3216 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:55:44.0894 3216 vdrvroot - ok
23:55:45.0440 3216 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:55:45.0502 3216 vga - ok
23:55:45.0518 3216 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:55:45.0580 3216 VgaSave - ok
23:55:45.0642 3216 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:55:45.0674 3216 vhdmp - ok
23:55:46.0188 3216 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:55:46.0220 3216 viaide - ok
23:55:46.0235 3216 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:55:46.0266 3216 volmgr - ok
23:55:46.0329 3216 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:55:46.0344 3216 volmgrx - ok
23:55:46.0922 3216 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:55:46.0968 3216 volsnap - ok
23:55:47.0031 3216 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:55:47.0062 3216 vsmraid - ok
23:55:47.0624 3216 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:55:47.0686 3216 vwifibus - ok
23:55:47.0811 3216 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:55:47.0873 3216 vwififlt - ok
23:55:48.0388 3216 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:55:48.0435 3216 vwifimp - ok
23:55:48.0482 3216 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:55:48.0497 3216 WacomPen - ok
23:55:48.0560 3216 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:55:48.0638 3216 WANARP - ok
23:55:48.0638 3216 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:55:48.0684 3216 Wanarpv6 - ok
23:55:49.0230 3216 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:55:49.0246 3216 Wd - ok
23:55:49.0293 3216 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:55:49.0324 3216 Wdf01000 - ok
23:55:49.0995 3216 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:55:50.0073 3216 WfpLwf - ok
23:55:50.0104 3216 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:55:50.0120 3216 WIMMount - ok
23:55:50.0135 3216 WinFLdrv - ok
23:55:50.0213 3216 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:55:50.0244 3216 WinUsb - ok
23:55:50.0790 3216 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:55:50.0837 3216 WmiAcpi - ok
23:55:50.0884 3216 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:55:50.0946 3216 ws2ifsl - ok
23:55:51.0040 3216 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:55:51.0071 3216 WudfPf - ok
23:55:51.0570 3216 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:55:51.0680 3216 WUDFRd - ok
23:55:51.0758 3216 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
23:55:51.0836 3216 yukonw7 - ok
23:55:51.0945 3216 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:55:52.0553 3216 \Device\Harddisk0\DR0 - ok
23:55:52.0553 3216 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
23:55:52.0725 3216 \Device\Harddisk2\DR2 - ok
23:55:52.0725 3216 Boot (0x1200) (27020c5e7dc57897ae5e0345a39837ad) \Device\Harddisk0\DR0\Partition0
23:55:52.0725 3216 \Device\Harddisk0\DR0\Partition0 - ok
23:55:52.0756 3216 Boot (0x1200) (6a2d44309ba13adaa98d9d49157a912f) \Device\Harddisk0\DR0\Partition1
23:55:52.0756 3216 \Device\Harddisk0\DR0\Partition1 - ok
23:55:52.0756 3216 Boot (0x1200) (addf29901e69e078d40bf358f3fa3ca3) \Device\Harddisk2\DR2\Partition0
23:55:52.0756 3216 \Device\Harddisk2\DR2\Partition0 - ok
23:55:52.0756 3216 ============================================================
23:55:52.0756 3216 Scan finished
23:55:52.0756 3216 ============================================================
23:55:52.0787 7144 Detected object count: 4
23:55:52.0787 7144 Actual detected object count: 4
23:56:04.0690 7144 C:\Windows\system32\DRIVERS\athrxusb.sys - copied to quarantine
23:56:04.0706 7144 athrusb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:56:05.0220 7144 C:\Windows\system32\drivers\BMLoad.sys - copied to quarantine
23:56:05.0220 7144 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:56:05.0283 7144 C:\Windows\system32\Drivers\ANDROIDUSB.sys - copied to quarantine
23:56:05.0283 7144 HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:56:05.0314 7144 C:\Windows\system32\drivers\tcpipBM.sys - copied to quarantine
23:56:05.0314 7144 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:56:09.0261 5596 Deinitialize success

------------------------------------------------------------
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/03/2011 at 23:31:57.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Users\Erica Nicole\AppData\Local\Akamai\netsession_win.exe
C:\Users\Erica Nicole\AppData\Local\Akamai\netsession_win.exe
C:\Users\Erica Nicole\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWow64\rundll32.exe


Rkill completed on 12/03/2011 at 23:32:15.
-----------------------------------------------------------------------


ComboFix 11-12-04.01 - Erica Nicole 12/04/2011 0:07.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6126.3970 [GMT -6:00]
Running from: c:\users\Erica Nicole\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Erica Nicole\AppData\Roaming\0B56.61F
c:\users\Erica Nicole\AppData\Roaming\Adobe\plugs
c:\users\Erica Nicole\AppData\Roaming\Adobe\shed
c:\users\Erica Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Repair
c:\users\Erica Nicole\ia_remove.sh6795.tmp
.
---- Previous Run -------
.
C:\Install.exe
c:\restoration\Restoration.exe
.
-- Previous Run --
.
Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
.
--------
.
.
((((((((((((((((((((((((( Files Created from 2011-11-04 to 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-04 07:27 . 2011-12-04 07:27 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-12-04 07:27 . 2011-12-04 07:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-04 05:56 . 2011-12-04 05:56 -------- d-----w- C:\TDSSKiller_Quarantine
2011-12-04 05:41 . 2011-12-04 05:56 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-12-04 04:55 . 2011-12-04 05:17 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA817838-973C-4315-8CA7-F9EC10EC1BF0}\offreg.dll
2011-12-04 04:54 . 2011-12-04 04:54 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes
2011-12-04 04:53 . 2011-12-04 04:53 -------- d-----w- c:\users\Guest\AppData\Roaming\Intel Corporation
2011-12-04 04:53 . 2011-12-04 04:53 -------- d-----w- c:\users\Guest\AppData\Local\Clearwire
2011-12-03 03:23 . 2011-12-03 03:23 -------- d-----w- c:\programdata\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}
2011-12-02 14:41 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA817838-973C-4315-8CA7-F9EC10EC1BF0}\mpengine.dll
2011-11-16 07:18 . 2011-12-02 05:45 -------- d-----w- c:\users\Erica Nicole\AppData\Local\WinZip
2011-11-09 19:26 . 2011-12-04 05:25 -------- d-----w- c:\users\Erica Nicole\AppData\Local\Akamai
2011-11-09 15:19 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 15:19 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 15:19 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 15:19 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-07 02:34 . 2010-04-16 02:19 952 --sha-w- c:\programdata\KGyGaAvL.sys
2011-10-01 03:25 . 2011-10-11 19:19 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-11 19:19 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-22 21:00 . 2011-07-12 17:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-10 39408]
"Akamai NetSession Interface"="c:\users\Erica Nicole\AppData\Local\Akamai\netsession_win.exe" [2011-11-17 3303000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-10-05 80384]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"EZGigMonitor.exe"="c:\program files (x86)\Apricorn\EZ Gig II\EZGigMonitor.exe" [2008-12-26 1169264]
"AcronisTimounterMonitor"="c:\program files (x86)\Apricorn\EZ Gig II\TimounterMonitor.exe" [2008-12-26 1949480]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-03 365336]
"Clearwire Connection Manager"="c:\program files (x86)\Clearwire\Connection Manager\ClearwireCM.exe" [2011-05-11 54608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\Erica Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 03:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clearwireDeviceDiagnosticsService;Clearwire Device Diagnostics Service;c:\program files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe [2010-06-17 398848]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 135664]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files (x86)\AT&T\Communication Manager\RcAppSvc.exe [2010-03-10 121416]
R3 CAATT;AT&T Con App Svc;c:\program files (x86)\AT&T\Communication Manager\ConAppsSvc.exe [2010-03-10 125512]
R3 CACLEARWIRE;Clearwire Con App Svc;c:\program files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [2011-05-11 124240]
R3 CASprint;Sprint Con App Svc; [x]
R3 CLEARWIRERcAppSvc;Clearwire RcAppSvc;c:\program files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [2011-05-11 120144]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 135664]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-16 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-16 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-16 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-16 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-16 91432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-02 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-09 110960]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 ChreStock3AlertSvr;Chronos eStockCard3 Alert Service;c:\program files (x86)\Chronos Process Integration\Chronos eStockCard3 Services\eStockCardAlertService.exe [2010-11-05 327680]
R4 ChreStock3MainSvr;Chronos eStockCard3 Maintenance Services;c:\program files (x86)\Chronos Process Integration\Chronos eStockCard3 Services\eStockCardSchedulerService.exe [2010-11-05 327680]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
R4 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MailStoreServer;MailStore Server;c:\program files (x86)\deepinvent\MailStore Server\MailStoreServer.exe [2011-08-31 4068472]
S2 MSSQL$ESTOCKCARD3;SQL Server (ESTOCKCARD3);c:\program files (x86)\EStockCard3 SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 MSSQL$INFLOWSQL;SQL Server (INFLOWSQL);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2011-08-14 49152]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SMSI Device Launch Service;Clearwire Device Launch Service;c:\program files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [2011-05-11 107856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-15 642416]
S2 WinFLdrv;WinFLdrv;SysWOW64\WinFLdrv.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314_64.sys [x]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr_64.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-12-01 571248]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 19325547
*NewlyCreated* - 88380610
*Deregistered* - 19325547
*Deregistered* - 88380610
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 03:55]
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 03:55]
.
2011-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3557575778-2650415322-1354639390-1005Core.job
- c:\users\Erica Nicole\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-10 23:05]
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3557575778-2650415322-1354639390-1005UA.job
- c:\users\Erica Nicole\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-10 23:05]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Erica Nicole\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 2184520]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:50667
IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 71.22.7.12 75.94.255.12
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{1c9b96a0-cba2-482e-9c40-9200b547123a} - (no file)
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
Toolbar-10 - (no file)
Toolbar-10 - (no file)
AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}\VAIO Messenger Setup 2.0.348.0.exe
AddRemove-FolderLock6 - c:\program files\Folder Lock\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-04 01:36:14
ComboFix-quarantined-files.txt 2011-12-04 07:36
.
Pre-Run: 273,850,314,752 bytes free
Post-Run: 273,287,991,296 bytes free
.
- - End Of File - - F23EE06B754A5ED404178DEFFD9827A6



#2 NYCBella


Posted 04 December 2011 - 12:44 PM

I recently recognized that Firefox was hanging -- and the browser would not load a page? So I deleted Firefox and re-installed - the issue persisted.

So, I then attempted to run Malwarebytes -- and it runs for 1-2 seconds and then hangs -- saying "Not Responding."

I then have to restart my computer -- because it hangs my entire computer.

I tried running MBAM in safe mode and the same error is occurring. Something is stopping MBAM from scanning and messed up my Firefox browser?

Any suggestions? So confused...

Edited by Orange Blossom, 05 December 2011 - 01:08 AM.
Merged topics. ~ OB


#3 HelpBot


Posted 09 December 2011 - 12:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/430699 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot


Posted 14 December 2011 - 12:15 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



