
ping.exe among others!


  • This topic is locked
25 replies to this topic

#16 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:59 PM

Posted 26 December 2011 - 08:12 PM

Hello

The Rootkit is back :-(

Give me details please


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University



#17 gringo_pr


Posted 30 December 2011 - 03:13 AM

Hello


Haven't heard back from you - what do you mean the rootkit is back?


gringo

#18 Dj Tantra

Dj Tantra
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:59 PM

Posted 30 December 2011 - 05:21 AM

Sorry, for some reason I wasn't notified when you initially replied.

When I ran ComboFix it told me a rootkit had been detected and it went through the process it went through when I initially ran ComboFix and detected the presence of the rootkit. It was the same name as last time too.

#19 gringo_pr


Posted 30 December 2011 - 11:52 AM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#20 Dj Tantra


Posted 30 December 2011 - 02:48 PM

14:28:29.0281 2876 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:28:29.0625 2876 ============================================================
14:28:29.0625 2876 Current date / time: 2011/12/30 14:28:29.0625
14:28:29.0625 2876 SystemInfo:
14:28:29.0625 2876
14:28:29.0625 2876 OS Version: 5.1.2600 ServicePack: 3.0
14:28:29.0625 2876 Product type: Workstation
14:28:29.0625 2876 ComputerName: AMBIOM
14:28:29.0625 2876 UserName: Ambica
14:28:29.0625 2876 Windows directory: C:\WINDOWS
14:28:29.0625 2876 System windows directory: C:\WINDOWS
14:28:29.0625 2876 Processor architecture: Intel x86
14:28:29.0625 2876 Number of processors: 2
14:28:29.0625 2876 Page size: 0x1000
14:28:29.0625 2876 Boot type: Normal boot
14:28:29.0625 2876 ============================================================
14:28:30.0421 2876 Initialize success
14:28:34.0765 3296 ============================================================
14:28:34.0765 3296 Scan started
14:28:34.0765 3296 Mode: Manual;
14:28:34.0765 3296 ============================================================
14:28:55.0625 3296 Scan finished
14:28:55.0625 3296 ============================================================
14:28:55.0656 3292 Detected object count: 0
14:28:55.0656 3292 Actual detected object count: 0

#21 gringo_pr

Posted 30 December 2011 - 03:09 PM

How are things running at this time?


gringo

#22 Dj Tantra


Posted 30 December 2011 - 07:30 PM

So far, smooth!!! I think we got everything. Any other tests I should run?

In your opinion, free anti-virus wise should I go with AVG? or Avast? If I'm downloading torrents (Games) is it safe to just scan using AVG/Avast before unzipping to ensure it's not carrying anything dangerous?

Thanks a bunch!

#23 gringo_pr


Posted 30 December 2011 - 07:53 PM

Hello

this is the antivirus I like at this time

Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Oh, and stay away from torrents - it is the first place new viruses get released

Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


The following procedure will implement some cleanup procedures. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.

Any programs and logs that are left over can just be deleted from the desktop. TFC is a free temp file cleaner that is very easy to use; I would keep it and use it before you do any scans or when you want to free up some space.

:DeFogger:

  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
Your Emulation drivers are now re-enabled.


:Uninstall ComboFix:

  • Turn off all active protection software
  • Push the "windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box: ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.


:remove tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so
Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.


:Make your Internet Explorer more secure:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialise and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.


:Make Firefox more secure:

Please visit this page, which explains how to make Firefox more secure - How to Secure Firefox


Make sure your applications have all of their updates

It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector


:Turn On Automatic Updates:

1. Click Start, click Run, type sysdm.cpl, and then press ENTER.
2. Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select "Automatic (recommended): Automatically download recommended updates for my computer and install them".

If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

or visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

:antispyware programs:

I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly:

  • WinPatrol - As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.
  • Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using it often.

Here is some great reading about how to be safer online:

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum
and
COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM


Gringo
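
The Internet Explorer settings listed in the post above, as an added example that is not part of the original post: a PowerShell script that reports the five Internet-zone settings and changes them only when run with -Apply. The numeric IDs (1001, 1004, 1201, 1800, 1804), the Zones\3 registry path and the 0/1/3 values are Microsoft's documented URL action settings for the Internet zone, not something named in the thread.

```powershell
# Added example (not from the thread): audit the five Internet-zone settings
# the post lists, and set them only when run with -Apply.
# Zone 3 = Internet zone. Values: 0 = Enable, 1 = Prompt, 3 = Disable.
param([switch]$Apply)

$zoneKey   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
# Group Policy, if present, overrides the per-user values read from $zoneKey.
$policyKey = 'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

$wanted = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';              Value = 1 }
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls';            Value = 3 }
    @{ Id = '1201'; Name = 'Initialize and script ActiveX not marked safe'; Value = 3 }
    @{ Id = '1800'; Name = 'Installation of desktop items';                 Value = 1 }
    @{ Id = '1804'; Name = 'Launching programs and files in an IFRAME';     Value = 1 }
)
$label = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-ActionValue([string]$Key, [string]$Id) {
    # Returns the DWORD for one URL action, or $null when the key or value is absent.
    if (-not (Test-Path $Key)) { return $null }
    (Get-ItemProperty -Path $Key -Name $Id -ErrorAction SilentlyContinue).$Id
}

function Format-Action($Value) {
    # Turns a raw registry value into the wording used in the IE dialog.
    if ($null -eq $Value) { return '(not set)' }
    if ($label.ContainsKey([int]$Value)) { return $label[[int]$Value] }
    "other ($Value)"
}

$report = foreach ($w in $wanted) {
    $current = Get-ActionValue $zoneKey $w.Id
    $policy  = Get-ActionValue $policyKey $w.Id
    if ($Apply -and $current -ne $w.Value) {
        Set-ItemProperty -Path $zoneKey -Name $w.Id -Value $w.Value -Type DWord
        $current = $w.Value
    }
    [pscustomobject]@{
        Setting = $w.Name
        Current = Format-Action $current
        Wanted  = $label[$w.Value]
        Policy  = Format-Action $policy
        Matches = ($current -eq $w.Value)
    }
}
$report | Format-Table -AutoSize
```

A value in the Policy column means the setting is enforced by policy and the per-user change will not take effect until the policy is changed.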

#24 Dj Tantra


Posted 30 December 2011 - 10:29 PM

I was able to clean everything up successfully- thank you so much!!!

I had another issue on a different net book...It's an issue with not being able to successfully install the service pack 3 for windows 7 starter. Would I need to open a separate thread for that? Would anyone be able to help me with that?

Thanks again, happy new yr!!!

#25 gringo_pr


Posted 31 December 2011 - 05:13 AM

I would start in the windows 7 forum and see what they have to say - if they think it is malware they will have you moved over here (don't sound like malware to me)


you are more than welcome


gringo

#26 gringo_pr


Posted 03 January 2012 - 11:18 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.