Google redirects


  • This topic is locked
9 replies to this topic

#1 darhay

  • Members
  • 4 posts

Posted 29 December 2011 - 02:52 PM

Hello,

When I perform a Google search and try and go on certain websites, it will redirect me to another website. I have run the following:
- DDS
- DeFogger
- Malwarebytes Anti-Malware
- TDSSKiller
- HijackThis

The DDS log:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26
Run by ddl at 11:37:43 on 2011-12-29
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.396 [GMT -8:00]
.
.
============== Running Processes ===============
.
c:\windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\taskeng.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://webmail.andrew.cmu.edu/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Aim6]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\darhay\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\darhay\appdata\local\akamai\netsession_win.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\darhay\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5D397078-D39D-4699-93C7-15D8C45D702E} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\darhay\appdata\roaming\mozilla\firefox\profiles\7opw9qfk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\users\darhay\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\darhay\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\darhay\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-9-19 21504]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-1-25 24652]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-11-17 4247552]
S2 NecUsb;USB Service;c:\windows\system32\svchost.exe -k NecUsbSevice [2008-9-19 21504]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-12-24 05:41:10 -------- d-----w- c:\users\darhay\appdata\roaming\Malwarebytes
2011-12-24 05:39:53 -------- d-----w- c:\programdata\Malwarebytes
2011-12-24 05:39:40 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-24 05:39:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-23 23:17:50 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-23 23:17:42 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-23 23:17:30 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-23 23:11:01 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-11-04 14:54:57 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-20 15:55:43 834048 ----a-w- c:\windows\system32\wininet.dll
2011-10-20 14:08:44 389632 ----a-w- c:\windows\system32\html.iec
2011-10-10 00:33:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 11:39:04.85 ===============

HijackThis log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:39 PM, on 12/28/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darhay\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://webmail.andrew.cmu.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Darhay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe"
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8458 bytes


MBAM log (it killed two trojans but did not help the Google redirecting problem):


Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.29.01

Windows Vista Service Pack 2 x86 NTFS (Safe Mode)
Internet Explorer 7.0.6002.18005
ddl :: DARHAY-PC [administrator]

12/28/2011 11:59:03 PM
mbam-log-2011-12-28 (23-59-03).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 649899
Time elapsed: 2 hour(s), 17 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Darhay\AppData\Local\oqd.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
C:\Windows\Temp\kxysaj\setup.exe (Trojan.Krypt) -> Quarantined and deleted successfully.

(end)


TDSSKiller log (it found 2 suspicious files but I clicked "Skip" when it asked for actions):


09:57:27.0792 3696 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
09:57:28.0026 3696 ============================================================
09:57:28.0026 3696 Current date / time: 2011/12/29 09:57:28.0026
09:57:28.0026 3696 SystemInfo:
09:57:28.0026 3696
09:57:28.0026 3696 OS Version: 6.0.6002 ServicePack: 2.0
09:57:28.0026 3696 Product type: Workstation
09:57:28.0026 3696 ComputerName: DARHAY-PC
09:57:28.0026 3696 UserName: ddl
09:57:28.0026 3696 Windows directory: C:\Windows
09:57:28.0026 3696 System windows directory: C:\Windows
09:57:28.0026 3696 Processor architecture: Intel x86
09:57:28.0026 3696 Number of processors: 2
09:57:28.0026 3696 Page size: 0x1000
09:57:28.0026 3696 Boot type: Normal boot
09:57:28.0026 3696 ============================================================
09:57:29.0633 3696 Initialize success
09:57:43.0954 2816 ============================================================
09:57:43.0954 2816 Scan started
09:57:43.0954 2816 Mode: Manual; SigCheck; TDLFS;
09:57:43.0954 2816 ============================================================
09:57:45.0139 2816 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
09:57:45.0249 2816 ACPI - ok
09:57:45.0311 2816 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
09:57:45.0358 2816 adp94xx - ok
09:57:45.0420 2816 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
09:57:45.0451 2816 adpahci - ok
09:57:45.0545 2816 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
09:57:45.0561 2816 adpu160m - ok
09:57:45.0592 2816 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
09:57:45.0607 2816 adpu320 - ok
09:57:45.0763 2816 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
09:57:45.0951 2816 AFD - ok
09:57:46.0200 2816 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
09:57:46.0200 2816 agp440 - ok
09:57:46.0231 2816 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
09:57:46.0247 2816 aic78xx - ok
09:57:46.0309 2816 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
09:57:46.0309 2816 aliide - ok
09:57:46.0403 2816 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
09:57:46.0403 2816 amdagp - ok
09:57:46.0434 2816 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
09:57:46.0450 2816 amdide - ok
09:57:46.0481 2816 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
09:57:46.0668 2816 AmdK7 - ok
09:57:46.0762 2816 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
09:57:46.0840 2816 AmdK8 - ok
09:57:46.0918 2816 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
09:57:46.0918 2816 arc - ok
09:57:47.0011 2816 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
09:57:47.0027 2816 arcsas - ok
09:57:47.0089 2816 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
09:57:47.0261 2816 AsyncMac - ok
09:57:47.0370 2816 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
09:57:47.0386 2816 atapi - ok
09:57:47.0464 2816 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
09:57:47.0557 2816 BCM43XV - ok
09:57:47.0667 2816 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
09:57:47.0745 2816 Beep - ok
09:57:47.0776 2816 blbdrive - ok
09:57:47.0869 2816 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
09:57:47.0916 2816 bowser - ok
09:57:47.0994 2816 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
09:57:48.0103 2816 BrFiltLo - ok
09:57:48.0181 2816 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
09:57:48.0228 2816 BrFiltUp - ok
09:57:48.0275 2816 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
09:57:48.0337 2816 Brserid - ok
09:57:48.0369 2816 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
09:57:48.0431 2816 BrSerWdm - ok
09:57:48.0525 2816 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
09:57:48.0603 2816 BrUsbMdm - ok
09:57:48.0649 2816 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
09:57:48.0743 2816 BrUsbSer - ok
09:57:48.0774 2816 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
09:57:48.0837 2816 BTHMODEM - ok
09:57:48.0961 2816 BVRPMPR5 (51b327292408b5f3a42e295bce055859) C:\Windows\system32\drivers\BVRPMPR5.SYS
09:57:48.0977 2816 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
09:57:48.0977 2816 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
09:57:49.0024 2816 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
09:57:49.0071 2816 cdfs - ok
09:57:49.0149 2816 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
09:57:49.0195 2816 cdrom - ok
09:57:49.0273 2816 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
09:57:49.0336 2816 circlass - ok
09:57:49.0445 2816 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
09:57:49.0461 2816 CLFS - ok
09:57:49.0585 2816 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
09:57:49.0617 2816 CmBatt - ok
09:57:49.0632 2816 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
09:57:49.0648 2816 cmdide - ok
09:57:49.0710 2816 CnxtHdAudService (a4d44ab8423791db757b38150ec599a4) C:\Windows\system32\drivers\CHDRT32.sys
09:57:49.0757 2816 CnxtHdAudService - ok
09:57:49.0882 2816 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
09:57:49.0882 2816 Compbatt - ok
09:57:49.0913 2816 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
09:57:49.0929 2816 crcdisk - ok
09:57:49.0960 2816 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
09:57:50.0022 2816 Crusoe - ok
09:57:50.0100 2816 DfsC (2c5fd2b46c4e073edde9f70187ba70d4) C:\Windows\system32\Drivers\dfsc.sys
09:57:50.0116 2816 DfsC ( UnsignedFile.Multi.Generic ) - warning
09:57:50.0116 2816 DfsC - detected UnsignedFile.Multi.Generic (1)
09:57:50.0272 2816 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
09:57:50.0287 2816 disk - ok
09:57:50.0350 2816 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
09:57:50.0397 2816 drmkaud - ok
09:57:50.0475 2816 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
09:57:50.0553 2816 DXGKrnl - ok
09:57:50.0662 2816 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\Windows\system32\DRIVERS\e100b325.sys
09:57:50.0724 2816 E100B - ok
09:57:50.0787 2816 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
09:57:50.0849 2816 E1G60 - ok
09:57:50.0958 2816 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
09:57:51.0005 2816 eabfiltr - ok
09:57:51.0114 2816 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
09:57:51.0130 2816 Ecache - ok
09:57:51.0255 2816 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
09:57:51.0270 2816 elxstor - ok
09:57:51.0364 2816 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
09:57:51.0411 2816 exfat - ok
09:57:51.0473 2816 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
09:57:51.0520 2816 fastfat - ok
09:57:51.0613 2816 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
09:57:51.0676 2816 fdc - ok
09:57:51.0738 2816 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
09:57:51.0754 2816 FileInfo - ok
09:57:51.0801 2816 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
09:57:51.0832 2816 Filetrace - ok
09:57:51.0925 2816 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
09:57:52.0003 2816 flpydisk - ok
09:57:52.0066 2816 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
09:57:52.0081 2816 FltMgr - ok
09:57:52.0113 2816 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
09:57:52.0159 2816 Fs_Rec - ok
09:57:52.0191 2816 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
09:57:52.0206 2816 gagp30kx - ok
09:57:52.0331 2816 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
09:57:52.0347 2816 GEARAspiWDM - ok
09:57:52.0378 2816 HBtnKey (93aee3434935fc2f805fefd8dc5ed1b4) C:\Windows\system32\DRIVERS\cpqbttn.sys
09:57:52.0393 2816 HBtnKey - ok
09:57:52.0456 2816 HdAudAddService (3aeee05bb25b8cc72b6e9aec0e6f394b) C:\Windows\system32\drivers\CHDART.sys
09:58:13.0219 2816 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
09:58:13.0344 2816 \Device\Harddisk0\DR0 - ok
09:58:13.0360 2816 Boot (0x1200) (716ce770b82920b2512ea1144ccd75c1) \Device\Harddisk0\DR0\Partition0
09:58:13.0360 2816 \Device\Harddisk0\DR0\Partition0 - ok
09:58:13.0360 2816 Boot (0x1200) (68747b882e784c2b11cc0f525e92c000) \Device\Harddisk0\DR0\Partition1
09:58:13.0360 2816 \Device\Harddisk0\DR0\Partition1 - ok
09:58:13.0360 2816 ============================================================
09:58:13.0360 2816 Scan finished
09:58:13.0360 2816 ============================================================
09:58:13.0375 2508 Detected object count: 2
09:58:13.0375 2508 Actual detected object count: 2
09:58:47.0508 2508 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:47.0508 2508 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:58:47.0508 2508 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:47.0508 2508 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip


I would prefer NOT to run ComboFix because I've read other posts where ComboFix really messes up the computer more than the virus did. I updated MBAM right before running the program. I could not enable my Microsoft Firewall, because it said "unknown settings". DeFogger did not disable anything because I believe it didn't find any CD emulation programs.

I attached the Attach.txt from the DDS run.

Please help!

Thanks.



#2 darhay


Posted 29 December 2011 - 02:56 PM

Oh also, this is happening after I removed a slew of malware programs, like Vista Antivirus 2012 and Vista Home Security 2012 using MBAM. I haven't had any problems from those recently, but it seems like I have an extremely NOT secure computer.

#3 HelpBot


Posted 03 January 2012 - 02:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/435206 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 darhay


Posted 04 January 2012 - 10:45 PM

I'm still having the same problem. When I google something, and then click on a result, it will redirect me to some other website.

I tried running GMER, but I got the blue screen of death. I tried running it in safe mode, and I again got the blue screen of death. So I'm giving you a TDSSkiller log instead. I checked all four boxes in "Change Parameters" and I chose "Skip" for the 2 threats it found.

DDS log:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26
Run by ddl at 19:37:34 on 2012-01-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.304 [GMT -8:00]
.
.
============== Running Processes ===============
.
c:\windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
c:\windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Darhay\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Darhay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://webmail.andrew.cmu.edu/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Aim6]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\darhay\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "c:\users\darhay\appdata\local\akamai\netsession_win.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\darhay\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5D397078-D39D-4699-93C7-15D8C45D702E} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\darhay\appdata\roaming\mozilla\firefox\profiles\7opw9qfk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\users\darhay\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\darhay\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\darhay\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-9-19 21504]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-1-25 24652]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-11-17 4247552]
S2 NecUsb;USB Service;c:\windows\system32\svchost.exe -k NecUsbSevice [2008-9-19 21504]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-12-24 05:41:10 -------- d-----w- c:\users\darhay\appdata\roaming\Malwarebytes
2011-12-24 05:39:53 -------- d-----w- c:\programdata\Malwarebytes
2011-12-24 05:39:40 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-24 05:39:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-23 23:17:50 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-23 23:17:42 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-23 23:17:30 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-23 23:11:01 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-11-04 14:54:57 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-20 15:55:43 834048 ----a-w- c:\windows\system32\wininet.dll
2011-10-20 14:08:44 389632 ----a-w- c:\windows\system32\html.iec
2011-10-10 00:33:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 19:41:09.60 ===============


TDSSKiller log:

19:32:40.0458 2132 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
19:32:40.0973 2132 ============================================================
19:32:40.0973 2132 Current date / time: 2012/01/04 19:32:40.0973
19:32:40.0973 2132 SystemInfo:
19:32:40.0973 2132
19:32:40.0973 2132 OS Version: 6.0.6002 ServicePack: 2.0
19:32:40.0973 2132 Product type: Workstation
19:32:40.0973 2132 ComputerName: DARHAY-PC
19:32:40.0973 2132 UserName: ddl
19:32:40.0973 2132 Windows directory: C:\Windows
19:32:40.0973 2132 System windows directory: C:\Windows
19:32:40.0973 2132 Processor architecture: Intel x86
19:32:40.0973 2132 Number of processors: 2
19:32:40.0973 2132 Page size: 0x1000
19:32:40.0973 2132 Boot type: Normal boot
19:32:40.0973 2132 ============================================================
19:32:42.0923 2132 Initialize success
19:32:57.0743 2980 ============================================================
19:32:57.0743 2980 Scan started
19:32:57.0743 2980 Mode: Manual; SigCheck; TDLFS;
19:32:57.0743 2980 ============================================================
19:33:07.0649 2980 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:33:07.0758 2980 ACPI - ok
19:33:07.0821 2980 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:33:07.0852 2980 adp94xx - ok
19:33:07.0883 2980 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:33:07.0899 2980 adpahci - ok
19:33:07.0977 2980 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:33:07.0992 2980 adpu160m - ok
19:33:08.0023 2980 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:33:08.0039 2980 adpu320 - ok
19:33:08.0133 2980 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:33:08.0242 2980 AFD - ok
19:33:08.0429 2980 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:33:08.0445 2980 agp440 - ok
19:33:08.0491 2980 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:33:08.0491 2980 aic78xx - ok
19:33:08.0554 2980 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:33:08.0569 2980 aliide - ok
19:33:08.0663 2980 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:33:08.0663 2980 amdagp - ok
19:33:08.0710 2980 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:33:08.0710 2980 amdide - ok
19:33:08.0741 2980 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:33:08.0959 2980 AmdK7 - ok
19:33:09.0053 2980 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:33:09.0193 2980 AmdK8 - ok
19:33:09.0271 2980 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:33:09.0287 2980 arc - ok
19:33:09.0568 2980 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:33:09.0568 2980 arcsas - ok
19:33:09.0646 2980 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:33:09.0833 2980 AsyncMac - ok
19:33:09.0973 2980 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:33:09.0989 2980 atapi - ok
19:33:10.0083 2980 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
19:33:10.0161 2980 BCM43XV - ok
19:33:10.0379 2980 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:33:10.0613 2980 Beep - ok
19:33:10.0691 2980 blbdrive - ok
19:33:10.0800 2980 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:33:10.0831 2980 bowser - ok
19:33:10.0894 2980 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:33:11.0003 2980 BrFiltLo - ok
19:33:11.0081 2980 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:33:11.0112 2980 BrFiltUp - ok
19:33:11.0175 2980 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:33:11.0237 2980 Brserid - ok
19:33:11.0284 2980 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:33:11.0346 2980 BrSerWdm - ok
19:33:11.0611 2980 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:33:11.0705 2980 BrUsbMdm - ok
19:33:12.0048 2980 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:33:12.0173 2980 BrUsbSer - ok
19:33:12.0267 2980 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:33:12.0329 2980 BTHMODEM - ok
19:33:12.0501 2980 BVRPMPR5 (51b327292408b5f3a42e295bce055859) C:\Windows\system32\drivers\BVRPMPR5.SYS
19:33:12.0516 2980 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
19:33:12.0516 2980 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
19:33:12.0579 2980 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:33:12.0688 2980 cdfs - ok
19:33:12.0953 2980 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:33:13.0015 2980 cdrom - ok
19:33:13.0062 2980 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:33:13.0125 2980 circlass - ok
19:33:13.0249 2980 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:33:13.0265 2980 CLFS - ok
19:33:13.0374 2980 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:33:13.0452 2980 CmBatt - ok
19:33:13.0530 2980 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:33:13.0546 2980 cmdide - ok
19:33:13.0608 2980 CnxtHdAudService (a4d44ab8423791db757b38150ec599a4) C:\Windows\system32\drivers\CHDRT32.sys
19:33:13.0655 2980 CnxtHdAudService - ok
19:33:13.0795 2980 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:33:13.0795 2980 Compbatt - ok
19:33:13.0842 2980 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:33:13.0842 2980 crcdisk - ok
19:33:13.0873 2980 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:33:13.0951 2980 Crusoe - ok
19:33:14.0029 2980 DfsC (2c5fd2b46c4e073edde9f70187ba70d4) C:\Windows\system32\Drivers\dfsc.sys
19:33:14.0045 2980 DfsC ( UnsignedFile.Multi.Generic ) - warning
19:33:14.0045 2980 DfsC - detected UnsignedFile.Multi.Generic (1)
19:33:14.0217 2980 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:33:14.0217 2980 disk - ok
19:33:14.0295 2980 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:33:14.0341 2980 drmkaud - ok
19:33:14.0451 2980 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
19:33:14.0560 2980 DXGKrnl - ok
19:33:14.0685 2980 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\Windows\system32\DRIVERS\e100b325.sys
19:33:14.0716 2980 E100B - ok
19:33:14.0778 2980 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:33:14.0841 2980 E1G60 - ok
19:33:14.0903 2980 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
19:33:14.0950 2980 eabfiltr - ok
19:33:15.0137 2980 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:33:15.0153 2980 Ecache - ok
19:33:15.0231 2980 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:33:15.0246 2980 elxstor - ok
19:33:15.0340 2980 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:33:15.0371 2980 exfat - ok
19:33:15.0511 2980 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:33:15.0558 2980 fastfat - ok
19:33:15.0605 2980 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:33:15.0714 2980 fdc - ok
19:33:15.0792 2980 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:33:15.0792 2980 FileInfo - ok
19:33:15.0886 2980 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:33:15.0917 2980 Filetrace - ok
19:33:15.0964 2980 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:33:16.0042 2980 flpydisk - ok
19:33:16.0120 2980 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:33:16.0135 2980 FltMgr - ok
19:33:16.0167 2980 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:33:16.0213 2980 Fs_Rec - ok
19:33:16.0307 2980 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:33:16.0323 2980 gagp30kx - ok
19:33:16.0416 2980 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:33:16.0416 2980 GEARAspiWDM - ok
19:33:16.0557 2980 HBtnKey (93aee3434935fc2f805fefd8dc5ed1b4) C:\Windows\system32\DRIVERS\cpqbttn.sys
19:33:16.0572 2980 HBtnKey - ok
19:33:16.0635 2980 HdAudAddService (3aeee05bb25b8cc72b6e9aec0e6f394b) C:\Windows\system32\drivers\CHDART.sys
19:33:16.0666 2980 HdAudAddService - ok
19:33:16.0806 2980 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:33:16.0853 2980 HDAudBus - ok
19:33:16.0884 2980 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:33:16.0947 2980 HidBth - ok
19:33:16.0978 2980 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:33:17.0056 2980 HidIr - ok
19:33:17.0196 2980 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
19:33:17.0243 2980 HidUsb - ok
19:33:17.0305 2980 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:33:17.0305 2980 HpCISSs - ok
19:33:17.0368 2980 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:33:17.0446 2980 HSFHWAZL - ok
19:33:17.0617 2980 HSF_DPV (0d7a055a840c3099c37d576573a42cd5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:33:17.0711 2980 HSF_DPV - ok
19:33:17.0758 2980 HSXHWAZL (bcc074692882c056b0e1ac97f3331a02) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:33:17.0789 2980 HSXHWAZL - ok
19:33:17.0898 2980 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:33:18.0132 2980 HTTP - ok
19:33:18.0413 2980 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:33:18.0491 2980 i2omp - ok
19:33:18.0787 2980 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:33:18.0834 2980 i8042prt - ok
19:33:18.0959 2980 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
19:33:19.0193 2980 ialm - ok
19:33:19.0287 2980 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:33:19.0302 2980 iaStorV - ok
19:33:19.0443 2980 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
19:33:19.0786 2980 igfx - ok
19:33:19.0911 2980 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:33:19.0911 2980 iirsp - ok
19:33:19.0973 2980 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:33:19.0973 2980 intelide - ok
19:33:20.0035 2980 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:33:20.0082 2980 intelppm - ok
19:33:20.0363 2980 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:33:20.0425 2980 IpFilterDriver - ok
19:33:20.0675 2980 IpInIp - ok
19:33:20.0862 2980 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:33:20.0956 2980 IPMIDRV - ok
19:33:21.0377 2980 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:33:21.0471 2980 IPNAT - ok
19:33:21.0829 2980 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:33:21.0876 2980 IRENUM - ok
19:33:22.0204 2980 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:33:22.0219 2980 isapnp - ok
19:33:22.0781 2980 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:33:22.0812 2980 iScsiPrt - ok
19:33:22.0921 2980 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:33:22.0953 2980 iteatapi - ok
19:33:23.0031 2980 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:33:23.0046 2980 iteraid - ok
19:33:23.0280 2980 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:33:23.0296 2980 kbdclass - ok
19:33:23.0452 2980 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:33:23.0514 2980 kbdhid - ok
19:33:23.0889 2980 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
19:33:24.0013 2980 KSecDD - ok
19:33:24.0279 2980 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:33:24.0325 2980 lltdio - ok
19:33:24.0497 2980 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:33:24.0575 2980 LSI_FC - ok
19:33:24.0871 2980 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:33:24.0887 2980 LSI_SAS - ok
19:33:24.0918 2980 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:33:24.0934 2980 LSI_SCSI - ok
19:33:25.0012 2980 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:33:25.0090 2980 luafv - ok
19:33:25.0417 2980 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:33:25.0480 2980 mdmxsdk - ok
19:33:25.0761 2980 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:33:25.0761 2980 megasas - ok
19:33:26.0166 2980 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:33:26.0260 2980 Modem - ok
19:33:26.0681 2980 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:33:26.0743 2980 monitor - ok
19:33:26.0931 2980 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:33:26.0946 2980 mouclass - ok
19:33:27.0087 2980 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:33:27.0133 2980 mouhid - ok
19:33:27.0352 2980 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:33:27.0383 2980 MountMgr - ok
19:33:27.0555 2980 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:33:27.0570 2980 mpio - ok
19:33:27.0757 2980 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:33:27.0804 2980 mpsdrv - ok
19:33:28.0101 2980 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:33:28.0116 2980 Mraid35x - ok
19:33:28.0319 2980 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:33:28.0413 2980 MRxDAV - ok
19:33:28.0647 2980 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:33:28.0709 2980 mrxsmb - ok
19:33:28.0990 2980 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:33:29.0052 2980 mrxsmb10 - ok
19:33:29.0161 2980 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:33:29.0208 2980 mrxsmb20 - ok
19:33:29.0614 2980 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
19:33:29.0676 2980 msahci - ok
19:33:30.0051 2980 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:33:30.0082 2980 msdsm - ok
19:33:30.0207 2980 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:33:30.0238 2980 Msfs - ok
19:33:30.0331 2980 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:33:30.0331 2980 msisadrv - ok
19:33:30.0456 2980 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:33:30.0503 2980 MSKSSRV - ok
19:33:30.0597 2980 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:33:30.0628 2980 MSPCLOCK - ok
19:33:30.0675 2980 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:33:30.0721 2980 MSPQM - ok
19:33:31.0002 2980 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:33:31.0018 2980 MsRPC - ok
19:33:31.0096 2980 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:33:31.0096 2980 mssmbios - ok
19:33:31.0423 2980 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:33:31.0486 2980 MSTEE - ok
19:33:31.0642 2980 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:33:31.0657 2980 Mup - ok
19:33:31.0798 2980 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:33:31.0845 2980 NativeWifiP - ok
19:33:31.0954 2980 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:33:31.0985 2980 NDIS - ok
19:33:32.0094 2980 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:33:32.0141 2980 NdisTapi - ok
19:33:32.0188 2980 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:33:32.0235 2980 Ndisuio - ok
19:33:32.0328 2980 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:33:32.0344 2980 NdisWan - ok
19:33:32.0437 2980 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:33:32.0453 2980 NDProxy - ok
19:33:32.0531 2980 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:33:32.0578 2980 NetBIOS - ok
19:33:32.0687 2980 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:33:32.0765 2980 netbt - ok
19:33:32.0983 2980 NETw3v32 (ea30bd026a7d1b745a37516880c4ac1b) C:\Windows\system32\DRIVERS\NETw3v32.sys
19:33:33.0093 2980 NETw3v32 - ok
19:33:33.0373 2980 NETw5v32 (054ba4a208c7aaf4f787e4f5466755e6) C:\Windows\system32\DRIVERS\NETw5v32.sys
19:33:33.0685 2980 NETw5v32 - ok
19:33:33.0841 2980 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:33:33.0857 2980 nfrd960 - ok
19:33:33.0919 2980 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:33:33.0951 2980 Npfs - ok
19:33:34.0013 2980 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:33:34.0075 2980 nsiproxy - ok
19:33:34.0200 2980 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:33:34.0263 2980 Ntfs - ok
19:33:34.0325 2980 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:33:34.0403 2980 ntrigdigi - ok
19:33:34.0481 2980 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:33:34.0512 2980 Null - ok
19:33:34.0543 2980 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:33:34.0559 2980 nvraid - ok
19:33:34.0590 2980 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:33:34.0590 2980 nvstor - ok
19:33:34.0668 2980 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:33:34.0684 2980 nv_agp - ok
19:33:34.0699 2980 NwlnkFlt - ok
19:33:34.0731 2980 NwlnkFwd - ok
19:33:34.0777 2980 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:33:34.0809 2980 ohci1394 - ok
19:33:34.0887 2980 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:33:34.0949 2980 Parport - ok
19:33:35.0011 2980 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:33:35.0027 2980 partmgr - ok
19:33:35.0074 2980 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:33:35.0136 2980 Parvdm - ok
19:33:35.0261 2980 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:33:35.0277 2980 pci - ok
19:33:35.0401 2980 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
19:33:35.0417 2980 pciide - ok
19:33:35.0573 2980 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:33:35.0589 2980 pcmcia - ok
19:33:35.0682 2980 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:33:35.0838 2980 PEAUTH - ok
19:33:35.0932 2980 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:33:35.0963 2980 PptpMiniport - ok
19:33:36.0025 2980 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:33:36.0088 2980 Processor - ok
19:33:36.0166 2980 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:33:36.0213 2980 PSched - ok
19:33:36.0291 2980 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:33:36.0353 2980 ql2300 - ok
19:33:36.0431 2980 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:33:36.0447 2980 ql40xx - ok
19:33:36.0509 2980 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:33:36.0540 2980 QWAVEdrv - ok
19:33:36.0603 2980 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:33:36.0634 2980 RasAcd - ok
19:33:36.0696 2980 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:33:36.0821 2980 Rasl2tp - ok
19:33:36.0946 2980 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:33:36.0977 2980 RasPppoe - ok
19:33:37.0055 2980 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:33:37.0086 2980 RasSstp - ok
19:33:37.0149 2980 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:33:37.0180 2980 rdbss - ok
19:33:37.0227 2980 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:33:37.0273 2980 RDPCDD - ok
19:33:37.0351 2980 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
19:33:37.0445 2980 rdpdr - ok
19:33:37.0476 2980 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:33:37.0507 2980 RDPENCDD - ok
19:33:37.0585 2980 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
19:33:37.0632 2980 RDPWD - ok
19:33:37.0773 2980 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
19:33:46.0353 2980 ============================================================
19:33:46.0353 2980 Scan finished
19:33:46.0353 2980 ============================================================
19:33:46.0368 3028 Detected object count: 2
19:33:46.0368 3028 Actual detected object count: 2
19:33:57.0085 3028 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
19:33:57.0085 3028 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:33:57.0085 3028 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
19:33:57.0085 3028 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:52 PM

Posted 05 January 2012 - 12:15 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 gringo_pr

Posted 08 January 2012 - 01:55 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread then it will have to be closed!

Gringo

#7 darhay

Posted 09 January 2012 - 08:57 PM

Sorry, I need to back up my data since I hear ComboFix ruins computers. Will do shortly.

#8 gringo_pr

Posted 09 January 2012 - 09:06 PM

Hello

By all means back up your data - but that is an unfair statement about Combofix.

gringo

#9 gringo_pr

Posted 12 January 2012 - 01:03 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread then it will have to be closed!

Gringo

#10 gringo_pr

Posted 15 January 2012 - 02:49 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.