
Windows Vista Infected Gimmeanswers Redirect


  • This topic is locked
10 replies to this topic

#1 earmonkey

earmonkey

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:51 AM

Posted 16 January 2012 - 01:05 AM

I keep getting redirected in Firefox to Gimmeanswers. Thanks for looking at this for me!
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_24
Run by Carrie at 8:53:23 on 2012-01-15
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2938.1388 [GMT -8:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
SP: AVG Anti-Virus Free *Enabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Pantone\huey\hueyTray.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\eInstruction\Device Manager\Launch.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\explorer.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Carrie\Downloads\Defogger.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com?ilc=12&type=937811&fr=spigot-yhp-ie
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople_f08
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.9\youtubedownloaderToolbarIE.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.9\youtubedownloaderToolbarIE.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.9\youtubedownloaderToolbarIE.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {2B171655-A70C-5C18-B693-6CB5DC269D41} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [conhost] c:\users\carrie\appdata\roaming\microsoft\conhost.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [<NO NAME>]
StartupFolder: c:\users\carrie\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\einstr~1.lnk - c:\program files\einstruction\device manager\Launch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hueytray.lnk - c:\program files\pantone\huey\hueyTray.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Winamp Search
IE: E&xport to Microsoft Excel
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: excite.com\www
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo2.walgreens.com/WalgreensActivia.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{00FFFC2E-AF60-49BE-BABA-4336EA89C7FE} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6CB7D6CF-F024-47B7-ADCD-397DC7796FB5} : DhcpNameServer = 10.68.147.250 10.68.147.230 10.68.240.251
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: avgrsstx.dll
Hosts: 66.197.194.231 www.google-analytics.com.
Hosts: 66.197.194.231 ad-emea.doubleclick.net.
Hosts: 66.197.194.231 www.statcounter.com.
Hosts: 69.72.252.254 www.google-analytics.com.
Hosts: 69.72.252.254 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\carrie\appdata\roaming\mozilla\firefox\profiles\44s53y89.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.ftp - 190.69.81.218
FF - prefs.js: network.proxy.ftp_port - 8088
FF - prefs.js: network.proxy.gopher - 190.69.81.218
FF - prefs.js: network.proxy.gopher_port - 8088
FF - prefs.js: network.proxy.http - 190.69.81.218
FF - prefs.js: network.proxy.http_port - 8088
FF - prefs.js: network.proxy.socks - 190.69.81.218
FF - prefs.js: network.proxy.socks_port - 8088
FF - prefs.js: network.proxy.ssl - 190.69.81.218
FF - prefs.js: network.proxy.ssl_port - 8088
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\users\carrie\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\carrie\appdata\roaming\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\users\carrie\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\carrie\appdata\roaming\move networks\plugins\npqmp071701000002.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-4 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-4 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-4 108552]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-8-21 17408]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-8-1 9344]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-6-19 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-1-29 8320]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2012-01-09 16:58:10 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-09 16:58:10 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-09 16:58:09 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-09 16:58:09 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2011-12-17 06:51:20 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-12-17 06:51:20 -------- d-----w- c:\program files\common files\Spigot
2011-12-17 06:51:20 -------- d-----w- c:\program files\Application Updater
2011-12-17 04:24:20 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c832f330-80e1-434f-9b7b-45477b5a7703}\mpengine.dll
.
==================== Find3M ====================
.
2012-01-31 14:44:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 8:57:18.97 ===============



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:51 AM

Posted 17 January 2012 - 12:25 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having, as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic button, select Immediate Notification and click on Proceed; this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only); if this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr


Posted 20 January 2012 - 02:38 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 earmonkey


Posted 21 January 2012 - 08:28 PM

I just noticed this response. Sorry. I thought I'd be notified by email. I am preparing to follow your instructions. Thanks!

#5 gringo_pr


Posted 21 January 2012 - 08:57 PM

:thumbup2:

#6 earmonkey


Posted 22 January 2012 - 06:10 PM

Combofix appears to have been running on the computer now for about 15 hours. The HDD activity light is solid but is it supposed to take this long to run? It is doing nothing else.

#7 gringo_pr


Posted 22 January 2012 - 09:31 PM

Hello


Stop it and run this for me.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#8 earmonkey


Posted 23 January 2012 - 11:52 PM

TDSSKiller found nothing. Hmmmm...


Log:

0:45:39.0563 4180 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
20:45:40.0124 4180 ============================================================
20:45:40.0124 4180 Current date / time: 2012/01/23 20:45:40.0124
20:45:40.0124 4180 SystemInfo:
20:45:40.0124 4180
20:45:40.0124 4180 OS Version: 6.0.6001 ServicePack: 1.0
20:45:40.0124 4180 Product type: Workstation
20:45:40.0124 4180 ComputerName: SONYLAPTOP
20:45:40.0124 4180 UserName: Carrie
20:45:40.0124 4180 Windows directory: C:\Windows
20:45:40.0124 4180 System windows directory: C:\Windows
20:45:40.0124 4180 Processor architecture: Intel x86
20:45:40.0124 4180 Number of processors: 2
20:45:40.0124 4180 Page size: 0x1000
20:45:40.0124 4180 Boot type: Normal boot
20:45:40.0124 4180 ============================================================
20:45:40.0811 4180 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:45:40.0920 4180 Initialize success
20:47:01.0635 4660 ============================================================
20:47:01.0635 4660 Scan started
20:47:01.0635 4660 Mode: Manual;
20:47:01.0635 4660 ============================================================
20:47:20.0636 4660 IRENUM - ok
20:47:20.0730 4660 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:47:20.0730 4660 isapnp - ok
20:47:20.0792 4660 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
20:47:20.0808 4660 iScsiPrt - ok
20:47:20.0855 4660 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:47:20.0855 4660 iteatapi - ok
20:47:20.0886 4660 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:47:20.0886 4660 iteraid - ok
20:47:20.0917 4660 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:47:20.0933 4660 kbdclass - ok
20:47:21.0011 4660 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
20:47:21.0026 4660 kbdhid - ok
20:47:21.0104 4660 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
20:47:21.0167 4660 KSecDD - ok
20:47:21.0354 4660 Lbd - ok
20:47:21.0697 4660 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:47:21.0697 4660 lltdio - ok
20:47:22.0103 4660 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:47:22.0103 4660 LSI_FC - ok
20:47:22.0415 4660 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:47:22.0430 4660 LSI_SAS - ok
20:47:22.0617 4660 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:47:22.0617 4660 LSI_SCSI - ok
20:47:22.0773 4660 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:47:22.0789 4660 luafv - ok
20:47:23.0023 4660 MBAMSwissArmy - ok
20:47:23.0101 4660 MCSTRM - ok
20:47:23.0148 4660 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:47:23.0148 4660 mdmxsdk - ok
20:47:23.0351 4660 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:47:23.0351 4660 megasas - ok
20:47:23.0413 4660 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:47:23.0429 4660 MegaSR - ok
20:47:23.0491 4660 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:47:23.0491 4660 Modem - ok
20:47:23.0538 4660 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:47:23.0538 4660 monitor - ok
20:47:23.0616 4660 motccgp (c741717b0a18813dd7d12085937cee72) C:\Windows\system32\DRIVERS\motccgp.sys
20:47:23.0631 4660 motccgp - ok
20:47:23.0663 4660 motccgpfl (b812da6605caf02641312f1f65c75419) C:\Windows\system32\DRIVERS\motccgpfl.sys
20:47:23.0678 4660 motccgpfl - ok
20:47:23.0772 4660 motmodem - ok
20:47:23.0787 4660 motport - ok
20:47:23.0865 4660 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:47:23.0865 4660 mouclass - ok
20:47:24.0302 4660 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:47:24.0318 4660 mouhid - ok
20:47:24.0505 4660 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:47:24.0505 4660 MountMgr - ok
20:47:24.0552 4660 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:47:24.0567 4660 mpio - ok
20:47:24.0599 4660 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:47:24.0599 4660 mpsdrv - ok
20:47:24.0630 4660 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:47:24.0645 4660 Mraid35x - ok
20:47:24.0677 4660 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
20:47:24.0677 4660 MRxDAV - ok
20:47:24.0786 4660 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:47:24.0786 4660 mrxsmb - ok
20:47:24.0864 4660 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:47:24.0879 4660 mrxsmb10 - ok
20:47:24.0911 4660 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:47:24.0911 4660 mrxsmb20 - ok
20:47:24.0973 4660 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
20:47:24.0989 4660 msahci - ok
20:47:25.0051 4660 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:47:25.0051 4660 msdsm - ok
20:47:25.0113 4660 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:47:25.0113 4660 Msfs - ok
20:47:25.0145 4660 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:47:25.0145 4660 msisadrv - ok
20:47:25.0223 4660 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:47:25.0238 4660 MSKSSRV - ok
20:47:25.0597 4660 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:47:25.0613 4660 MSPCLOCK - ok
20:47:25.0769 4660 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:47:25.0769 4660 MSPQM - ok
20:47:25.0847 4660 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
20:47:25.0847 4660 MsRPC - ok
20:47:25.0893 4660 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:47:25.0909 4660 mssmbios - ok
20:47:25.0971 4660 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:47:25.0987 4660 MSTEE - ok
20:47:26.0049 4660 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
20:47:26.0049 4660 Mup - ok
20:47:26.0112 4660 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
20:47:26.0127 4660 NativeWifiP - ok
20:47:26.0205 4660 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
20:47:26.0221 4660 NDIS - ok
20:47:26.0268 4660 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:47:26.0283 4660 NdisTapi - ok
20:47:26.0330 4660 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:47:26.0330 4660 Ndisuio - ok
20:47:26.0377 4660 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
20:47:26.0393 4660 NdisWan - ok
20:47:26.0439 4660 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:47:26.0439 4660 NDProxy - ok
20:47:26.0471 4660 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:47:26.0471 4660 NetBIOS - ok
20:47:26.0673 4660 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
20:47:26.0689 4660 netbt - ok
20:47:27.0001 4660 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
20:47:27.0141 4660 NETw5v32 - ok
20:47:27.0344 4660 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:47:27.0344 4660 nfrd960 - ok
20:47:27.0391 4660 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
20:47:27.0391 4660 Npfs - ok
20:47:27.0469 4660 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:47:27.0469 4660 nsiproxy - ok
20:47:27.0531 4660 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
20:47:27.0547 4660 Ntfs - ok
20:47:27.0687 4660 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:47:27.0703 4660 ntrigdigi - ok
20:47:27.0921 4660 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:47:27.0921 4660 Null - ok
20:47:27.0968 4660 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:47:27.0984 4660 nvraid - ok
20:47:28.0124 4660 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:47:28.0140 4660 nvstor - ok
20:47:28.0265 4660 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:47:28.0265 4660 nv_agp - ok
20:47:28.0343 4660 NwlnkFlt - ok
20:47:28.0343 4660 NwlnkFwd - ok
20:47:28.0389 4660 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
20:47:28.0405 4660 ohci1394 - ok
20:47:28.0499 4660 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:47:28.0499 4660 Parport - ok
20:47:28.0530 4660 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
20:47:28.0530 4660 partmgr - ok
20:47:28.0608 4660 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:47:28.0608 4660 Parvdm - ok
20:47:28.0935 4660 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
20:47:28.0935 4660 pci - ok
20:47:29.0216 4660 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:47:29.0216 4660 pciide - ok
20:47:29.0372 4660 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:47:29.0388 4660 pcmcia - ok
20:47:29.0497 4660 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:47:29.0513 4660 PEAUTH - ok
20:47:29.0778 4660 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:47:29.0778 4660 PptpMiniport - ok
20:47:29.0840 4660 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:47:29.0856 4660 Processor - ok
20:47:30.0183 4660 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
20:47:30.0183 4660 PSched - ok
20:47:30.0917 4660 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
20:47:30.0917 4660 PxHelp20 - ok
20:47:31.0088 4660 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:47:31.0119 4660 ql2300 - ok
20:47:31.0151 4660 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:47:31.0166 4660 ql40xx - ok
20:47:31.0213 4660 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:47:31.0229 4660 QWAVEdrv - ok
20:47:31.0244 4660 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:47:31.0260 4660 RasAcd - ok
20:47:31.0338 4660 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:47:31.0353 4660 Rasl2tp - ok
20:47:31.0385 4660 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
20:47:31.0385 4660 RasPppoe - ok
20:47:31.0478 4660 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
20:47:31.0494 4660 RasSstp - ok
20:47:31.0509 4660 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
20:47:31.0525 4660 rdbss - ok
20:47:31.0541 4660 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:47:31.0541 4660 RDPCDD - ok
20:47:31.0603 4660 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:47:31.0619 4660 rdpdr - ok
20:47:31.0697 4660 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:47:31.0697 4660 RDPENCDD - ok
20:47:31.0790 4660 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
20:47:31.0806 4660 RDPWD - ok
20:47:32.0227 4660 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
20:47:32.0227 4660 regi - ok
20:47:32.0523 4660 RFCOMM (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
20:47:32.0539 4660 RFCOMM - ok
20:47:32.0633 4660 rimsptsk (d0c2a0ce1091e08efb7ccba6cea4c3f9) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:47:32.0648 4660 rimsptsk - ok
20:47:32.0679 4660 RimUsb - ok
20:47:32.0804 4660 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
20:47:32.0820 4660 RimVSerPort - ok
20:47:32.0898 4660 risdptsk (c22e4e27ccdf9aa5fe8143104f28cde3) C:\Windows\system32\DRIVERS\risdptsk.sys
20:47:32.0898 4660 risdptsk - ok
20:47:34.0068 4660 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
20:47:34.0083 4660 ROOTMODEM - ok
20:47:34.0707 4660 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:47:34.0707 4660 rspndr - ok
20:47:35.0051 4660 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:47:35.0051 4660 sbp2port - ok
20:47:35.0207 4660 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
20:47:35.0222 4660 sdbus - ok
20:47:35.0565 4660 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:47:35.0565 4660 secdrv - ok
20:47:35.0675 4660 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
20:47:35.0675 4660 Serenum - ok
20:47:35.0737 4660 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:47:35.0737 4660 Serial - ok
20:47:35.0799 4660 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:47:35.0799 4660 sermouse - ok
20:47:36.0143 4660 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
20:47:36.0143 4660 SFEP - ok
20:47:36.0907 4660 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:47:36.0907 4660 sffdisk - ok
20:47:37.0484 4660 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:47:37.0484 4660 sffp_mmc - ok
20:47:37.0578 4660 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:47:37.0593 4660 sffp_sd - ok
20:47:37.0671 4660 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
20:47:37.0687 4660 sfloppy - ok
20:47:37.0765 4660 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:47:37.0781 4660 sisagp - ok
20:47:37.0827 4660 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:47:37.0843 4660 SiSRaid2 - ok
20:47:37.0890 4660 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:47:37.0890 4660 SiSRaid4 - ok
20:47:37.0921 4660 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
20:47:37.0937 4660 Smb - ok
20:47:37.0999 4660 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:47:38.0015 4660 spldr - ok
20:47:38.0139 4660 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
20:47:38.0155 4660 srv - ok
20:47:38.0233 4660 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
20:47:38.0233 4660 srv2 - ok
20:47:38.0264 4660 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
20:47:38.0264 4660 srvnet - ok
20:47:38.0327 4660 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:47:38.0327 4660 swenum - ok
20:47:38.0389 4660 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:47:38.0405 4660 Symc8xx - ok
20:47:38.0654 4660 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:47:38.0654 4660 Sym_hi - ok
20:47:38.0826 4660 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:47:38.0826 4660 Sym_u3 - ok
20:47:38.0997 4660 SynTP (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
20:47:39.0013 4660 SynTP - ok
20:47:39.0169 4660 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
20:47:39.0169 4660 Tcpip - ok
20:47:39.0309 4660 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
20:47:39.0309 4660 Tcpip6 - ok
20:47:39.0559 4660 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
20:47:39.0559 4660 tcpipreg - ok
20:47:39.0606 4660 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:47:39.0621 4660 TDPIPE - ok
20:47:39.0840 4660 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:47:39.0840 4660 TDTCP - ok
20:47:39.0965 4660 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
20:47:39.0980 4660 tdx - ok
20:47:40.0105 4660 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
20:47:40.0121 4660 TermDD - ok
20:47:40.0323 4660 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:47:40.0339 4660 tssecsrv - ok
20:47:40.0370 4660 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:47:40.0386 4660 tunmp - ok
20:47:40.0526 4660 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
20:47:40.0526 4660 tunnel - ok
20:47:40.0635 4660 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:47:40.0651 4660 uagp35 - ok
20:47:40.0713 4660 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
20:47:40.0729 4660 udfs - ok
20:47:40.0854 4660 UIUSys - ok
20:47:40.0979 4660 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:47:40.0994 4660 uliagpkx - ok
20:47:41.0135 4660 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:47:41.0135 4660 uliahci - ok
20:47:41.0275 4660 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:47:41.0275 4660 UlSata - ok
20:47:41.0353 4660 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:47:41.0353 4660 ulsata2 - ok
20:47:41.0415 4660 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:47:41.0431 4660 umbus - ok
20:47:41.0571 4660 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
20:47:41.0571 4660 USBAAPL - ok
20:47:41.0649 4660 usbccgp (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys
20:47:41.0649 4660 usbccgp - ok
20:47:42.0445 4660 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:47:42.0445 4660 usbcir - ok
20:47:42.0851 4660 usbehci (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys
20:47:42.0851 4660 usbehci - ok
20:47:43.0194 4660 usbhub (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys
20:47:43.0209 4660 usbhub - ok
20:47:43.0303 4660 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:47:43.0319 4660 usbohci - ok
20:47:43.0365 4660 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:47:43.0365 4660 usbprint - ok
20:47:43.0568 4660 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:47:43.0568 4660 usbscan - ok
20:47:43.0833 4660 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:47:43.0849 4660 USBSTOR - ok
20:47:43.0927 4660 usbuhci (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys
20:47:43.0927 4660 usbuhci - ok
20:47:43.0958 4660 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:47:43.0974 4660 usbvideo - ok
20:47:44.0036 4660 usb_rndisx (ee181a08e09db23cf4a49b46a1e66bb8) C:\Windows\system32\DRIVERS\usb8023x.sys
20:47:44.0052 4660 usb_rndisx - ok
20:47:44.0145 4660 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:47:44.0161 4660 vga - ok
20:47:44.0177 4660 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:47:44.0177 4660 VgaSave - ok
20:47:44.0208 4660 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:47:44.0223 4660 viaagp - ok
20:47:44.0270 4660 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:47:44.0286 4660 ViaC7 - ok
20:47:44.0364 4660 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:47:44.0364 4660 viaide - ok
20:47:44.0395 4660 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:47:44.0395 4660 volmgr - ok
20:47:44.0426 4660 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
20:47:44.0426 4660 volmgrx - ok
20:47:44.0457 4660 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
20:47:44.0473 4660 volsnap - ok
20:47:44.0504 4660 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:47:44.0520 4660 vsmraid - ok
20:47:44.0551 4660 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:47:44.0567 4660 WacomPen - ok
20:47:44.0582 4660 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:47:44.0598 4660 Wanarp - ok
20:47:44.0598 4660 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:47:44.0598 4660 Wanarpv6 - ok
20:47:44.0863 4660 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:47:44.0879 4660 Wd - ok
20:47:45.0035 4660 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
20:47:45.0035 4660 WDC_SAM - ok
20:47:45.0128 4660 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:47:45.0128 4660 Wdf01000 - ok
20:47:45.0237 4660 WimFltr (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
20:47:45.0253 4660 WimFltr - ok
20:47:45.0643 4660 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:47:45.0659 4660 winachsf - ok
20:47:45.0830 4660 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
20:47:45.0830 4660 WmiAcpi - ok
20:47:46.0205 4660 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
20:47:46.0205 4660 WpdUsb - ok
20:47:46.0751 4660 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:47:46.0751 4660 ws2ifsl - ok
20:47:47.0515 4660 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:47:47.0531 4660 WUDFRd - ok
20:47:47.0874 4660 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
20:47:47.0889 4660 XAudio - ok
20:47:48.0389 4660 yukonwlh (7d4cca3659fa0780603206e3d12a993f) C:\Windows\system32\DRIVERS\yk60x86.sys
20:47:48.0389 4660 yukonwlh - ok
20:47:48.0482 4660 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:47:48.0716 4660 \Device\Harddisk0\DR0 - ok
20:47:48.0716 4660 Boot (0x1200) (cd56cd73de0de49c59bd7b259c54b442) \Device\Harddisk0\DR0\Partition0
20:47:48.0716 4660 \Device\Harddisk0\DR0\Partition0 - ok
20:47:48.0716 4660 ============================================================
20:47:48.0716 4660 Scan finished
20:47:48.0716 4660 ============================================================
20:47:48.0732 4648 Detected object count: 0
20:47:48.0732 4648 Actual detected object count: 0

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:51 AM

Posted 24 January 2012 - 12:20 AM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr


Posted 26 January 2012 - 11:43 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#11 gringo_pr


Posted 29 January 2012 - 11:37 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



