
Wife's PC has Rootkit.ZeroAcess infection


  • This topic is locked
44 replies to this topic

#1 TMS_CT_12


Posted 12 February 2012 - 08:59 PM

Machine is a DELL Inspiron 6000; Windows XP with SP3. My wife's computer has been off-line since October.

Symptoms:
1. Loss of internet connectivity
2. I ran Combofix and Malware Bytes last week. Combofix popped up a message: "You are infected with Rootkit.ZeroAccess. It has inserted itself into the TCP/IP stack, . . . ."
3. If I open Wireless Network Connection Properties, scroll down the list of items, select TCP/IP and perform an Install - with the "Have Disk" option - and install TCP/IP, I can then connect for a while but not indefinitely.

Thanks in advance for any assistance.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22
Run by Bonnie Stuckart at 16:06:29 on 2012-02-12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.596 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
svchost.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: PBlockHelper Class: {4115122b-85ff-4dd3-9515-f075bede5eb5} - c:\progra~1\netsca~1\netsca~1\pbhelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111011220729.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [Window Washer] c:\program files\webroot\washer\wwDisp.exe
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\BackWeb-8876480.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{CD8B583A-685F-4939-A4FB-5356B3F9CB37} : DhcpNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-16 461864]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-3-16 89624]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-16 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-16 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-16 214904]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-9-28 166024]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-9-28 160344]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-28 148520]
R2 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2010-11-29 615312]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-3-16 57432]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-16 180072]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-16 59288]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-3-16 338040]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-3-16 83688]
RUnknown SASKUTIL;SASKUTIL; [x]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-3-16 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-16 87808]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-4-17 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-4-17 40552]
.
=============== Created Last 30 ================
.
2012-02-12 15:58:28 -------- d-----w- c:\windows\system32\NtmsData
2012-02-06 22:14:53 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2012-02-06 22:14:53 75264 ----a-w- c:\windows\system32\dllcache\ipsec.sys
2012-02-06 21:36:25 98816 ----a-w- c:\windows\sed.exe
2012-02-06 21:36:25 518144 ----a-w- c:\windows\SWREG.exe
2012-02-06 21:36:25 256000 ----a-w- c:\windows\PEV.exe
2012-02-06 21:36:25 208896 ----a-w- c:\windows\MBR.exe
2012-02-05 18:36:26 -------- d-----w- c:\program files\Xirrus
2012-02-05 18:18:09 -------- d-----w- c:\documents and settings\bonnie stuckart\local settings\application data\Downloaded Installations
.
==================== Find3M ====================
.
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 16:08:52.68 ===============



#2 gringo_pr

  • Malware Response Team

Posted 16 February 2012 - 10:35 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button, select Immediate Notification and click on proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 TMS_CT_12


Posted 17 February 2012 - 07:25 PM

Thanks very much for the response. I ran Combofix as you specified - I had no problems doing that but when it started, a message box popped up that said: "Combofix has detected Rootkit activity and needs to reboot the machine". And then it rebooted. There is no change in the status of my wife's laptop. It does not connect to my wireless network. I am conducting all communications with you via my desktop PC. Thank you.

Combofix log:

ComboFix 12-02-17.02 - Bonnie Stuckart 02/17/2012 18:56:28.13.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.629 [GMT -5:00]
Running from: c:\documents and settings\Bonnie Stuckart\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))
.
.
2012-02-13 02:42 . 2012-02-13 02:42 -------- d-----w- c:\windows\system32\XPSViewer
2012-02-13 02:42 . 2012-02-13 02:42 -------- d-----w- c:\program files\MSBuild
2012-02-13 02:42 . 2012-02-13 02:42 -------- d-----w- c:\program files\Reference Assemblies
2012-02-13 02:41 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2012-02-13 02:40 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2012-02-13 02:40 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2012-02-13 02:40 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2012-02-13 02:40 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2012-02-13 02:40 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2012-02-13 02:40 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2012-02-13 02:40 . 2012-02-13 02:41 -------- d-----w- C:\a27186e67179c5840f4b19
2012-02-12 15:58 . 2012-02-12 16:01 -------- d-----w- c:\windows\system32\NtmsData
2012-02-06 22:14 . 2008-04-13 19:19 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2012-02-06 22:14 . 2008-04-13 19:19 75264 ----a-w- c:\windows\system32\dllcache\ipsec.sys
2012-02-05 18:36 . 2012-02-05 18:36 -------- d-----w- c:\program files\Xirrus
2012-02-05 18:18 . 2012-02-05 18:18 -------- d-----w- c:\documents and settings\Bonnie Stuckart\Local Settings\Application Data\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 21:57 . 2005-08-16 10:18 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2005-08-16 10:18 1859584 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Window Washer"="c:\program files\Webroot\Washer\wwDisp.exe" [2010-10-14 1629072]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [BU]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-04-04 188416]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 19968]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-10 1317016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-11-27 24576]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-12-29 169472]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2005-09-01 23:24 684032 ----a-w- c:\program files\Dell\QuickSet\quickset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 14:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 20:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 16:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
.
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [3/16/2010 5:21 PM 89624]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3/16/2010 5:20 PM 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [3/16/2010 5:20 PM 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [9/28/2011 8:03 PM 160344]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [9/28/2011 8:03 PM 148520]
R2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [11/29/2010 8:15 PM 615312]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [3/16/2010 5:21 PM 57432]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [3/16/2010 5:21 PM 338040]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [3/16/2010 5:21 PM 83688]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [3/16/2010 5:21 PM 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [3/16/2010 5:21 PM 87808]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 21:57]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-17 19:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1548)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1076)
c:\windows\system32\WININET.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKeeper.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Netscape Internet Service\ncupdatesvc.exe
c:\program files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2012-02-17 19:24:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-18 00:24
ComboFix2.txt 2012-02-11 19:48
ComboFix3.txt 2012-02-11 19:06
ComboFix4.txt 2012-02-11 04:17
ComboFix5.txt 2012-02-17 23:37
.
Pre-Run: 13,257,932,800 bytes free
Post-Run: 13,378,179,072 bytes free
.
- - End Of File - - 3E257014B90AC7422748973DF78167CC

#4 gringo_pr


Posted 17 February 2012 - 08:54 PM

Hello

Let's check your internet connection.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure all the boxes are checked
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Gringo

#5 TMS_CT_12


Posted 18 February 2012 - 08:42 AM

OK. Thank you. Here's the FSS log:

Farbar Service Scanner Version: 14-02-2012
Ran by Bonnie Stuckart (administrator) on 18-02-2012 at 08:47:40
Running from "C:\Documents and Settings\Bonnie Stuckart\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(22) IWCA(21) mfetdi2k(15) NetBT(5) PSched(19) s24trans(8) Tcpip(3)
0x1700000016000000040000000100000002000000030000000F00000005000000060000000700000008000000090000000A0000000B0000000C0000000D0000000E00000010000000110000001200000013000000140000001500000017000000


**** End of log ****

#6 gringo_pr


Posted 18 February 2012 - 03:41 PM

Hello

Here is what I want you to try next.

1. Locate the file - C:\Windows\inf\Nettcpip.inf
  • It's important that you first make a copy of the file. Place the copy on your Desktop.
  • Once you have done that, use Notepad to open the original file for editing.

2. Locate the [MS_TCPIP.PrimaryInstall] section.

3. Edit the Characteristics = 0xa0 entry and replace 0xa0 with 0x80.

4. Save the file, and then exit Notepad.

5. In Control Panel, double-click Network Connections, right-click Local Area Connection, and then select Properties.

6. On the General tab, click Install, select Protocol, and then click Add.

7. In the Select Network Protocols window, click Have Disk.

8. In the Copy manufacturer's files from: text box, type c:\windows\inf, and then click OK.

9. Select Internet Protocol (TCP/IP), and then click OK.

Note: This step will return you to the Local Area Connection Properties screen, but now the Uninstall button is available.

10. Select Internet Protocol (TCP/IP), click Uninstall, and then click Yes.

11. It is important that you restart the computer to complete the uninstall.

------------

Step #2 - Reinstall of TCP/IP

Take the nettcpip.inf which you have earlier copied to Desktop. Move it back to the directory C:\Windows\INF\ overwriting the existing copy. The file shall now look exactly like the sample above.

Redo sub-steps 4-11 to re-install TCP/IP
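What the 0xa0 to 0x80 edit in the steps above changes, as an added example that is not part of gringo_pr's post: Characteristics in a network-component INF is a bit mask of NCF_* flags, and bit 0x20 (NCF_NOT_USER_REMOVABLE) is the one that keeps the Uninstall button greyed out. The INF text below is a constructed stand-in for Nettcpip.inf, and the function names are hypothetical.

```python
import re

# NCF_* bits used by the Characteristics entry of Windows network-component INFs.
NCF_FLAGS = {
    0x001: "NCF_VIRTUAL",
    0x002: "NCF_SOFTWARE_ENUMERATED",
    0x004: "NCF_PHYSICAL",
    0x008: "NCF_HIDDEN",
    0x010: "NCF_NO_SERVICE",
    0x020: "NCF_NOT_USER_REMOVABLE",
    0x040: "NCF_MULTIPORT_INSTANCED_ADAPTER",
    0x080: "NCF_HAS_UI",
    0x100: "NCF_SINGLE_INSTANCE",
    0x400: "NCF_FILTER",
}
NCF_NOT_USER_REMOVABLE = 0x020

# Constructed sample standing in for Nettcpip.inf (assumption: not the real file).
SAMPLE_INF = (
    "; constructed sample\r\n"
    "[Version]\r\n"
    "Signature = \"$Windows NT$\"\r\n"
    "\r\n"
    "[MS_TCPIP.PrimaryInstall]\r\n"
    "; Characteristics = 0x00  (commented out, must be ignored)\r\n"
    "Characteristics = 0xa0 ; protocol flags\r\n"
    "\r\n"
    "[Example.OtherSection]\r\n"
    "Characteristics = 0xa0\r\n"
)

SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
KEY_RE = re.compile(r"^(\s*Characteristics\s*=\s*)(0x[0-9a-f]+|\d+)(.*)$",
                    re.IGNORECASE)


def _to_int(token):
    """Parse a hex (0x..) or decimal INF value."""
    return int(token, 16) if token.lower().startswith("0x") else int(token)


def decode_characteristics(value):
    """Return the NCF_* flag names set in a Characteristics value."""
    names = [name for bit, name in sorted(NCF_FLAGS.items()) if value & bit]
    unknown = value & ~sum(NCF_FLAGS)
    if unknown:
        names.append(f"unknown:0x{unknown:x}")
    return names


def _characteristics_lines(lines, section):
    """Yield (index, match) for live Characteristics lines inside `section`."""
    current = None
    for i, line in enumerate(lines):
        header = SECTION_RE.match(line.split(";", 1)[0])
        if header:
            current = header.group(1).strip().lower()
            continue
        if current == section.lower():
            hit = KEY_RE.match(line)  # commented-out lines start with ';'
            if hit:
                yield i, hit


def read_characteristics(inf_text, section):
    """Return the Characteristics value of `section`, or None if absent."""
    lines = inf_text.splitlines(keepends=True)
    for _, hit in _characteristics_lines(lines, section):
        return _to_int(hit.group(2))
    return None


def set_user_removable(inf_text, section, removable):
    """Clear (removable=True) or set the 0x20 bit in one section only.

    Every other byte of the file, including line endings and trailing
    comments, is preserved so the change is easy to diff against the backup.
    """
    lines = inf_text.splitlines(keepends=True)
    hits = list(_characteristics_lines(lines, section))
    if not hits:
        raise KeyError(f"no Characteristics entry in [{section}]")
    for i, hit in hits:
        old = _to_int(hit.group(2))
        if removable:
            new = old & ~NCF_NOT_USER_REMOVABLE
        else:
            new = old | NCF_NOT_USER_REMOVABLE
        tail = lines[i][hit.end():]  # the original line ending
        lines[i] = f"{hit.group(1)}0x{new:02x}{hit.group(3)}{tail}"
    return "".join(lines)


if __name__ == "__main__":
    section = "MS_TCPIP.PrimaryInstall"
    before = read_characteristics(SAMPLE_INF, section)
    patched = set_user_removable(SAMPLE_INF, section, removable=True)
    after = read_characteristics(patched, section)
    print(hex(before), decode_characteristics(before))
    print(hex(after), decode_characteristics(after))
```

Putting the saved copy back, as Step #2 of the post does, restores the 0x20 bit so the protocol is again protected from removal.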

#7 TMS_CT_12


Posted 18 February 2012 - 08:36 PM

OK. I ran that procedure. Since you specified local network connection, I plugged an ethernet cable from the laptop to the wireless modem after running this procedure and I was connected to the internet - Wireless Network is still not connected.

Looks like there's some progress. I appreciate the time you've spent helping me with this so far.

#8 gringo_pr


Posted 18 February 2012 - 08:57 PM

Hello

I would go into the device manager now and uninstall the wireless adapter, then restart the computer and let it get reinstalled.


gringo

#9 TMS_CT_12

  • Topic Starter

Posted 18 February 2012 - 10:08 PM

OK. I tried uninstalling the Wireless Network Adapter in my device manager and restarted the PC but it still shows no connection on the wireless. The Local Area Connection is OK. In fact, I'm using that connection on my wife's laptop now to log into this web site. When I select View Available Wireless Networks, I see the network SSID; but when I open the Wireless Network Connection Properties box, and select the tab for Wireless Networks, the list is empty. The only button below the empty list that's enabled is ADD.

So the status right now is: I can connect but only if I do not use my wireless network.

Thank you.

#10 gringo_pr

  • Malware Response Team

Posted 18 February 2012 - 10:14 PM

Hello

Run FSS again for me, please.


gringo

#11 TMS_CT_12

  • Topic Starter

Posted 18 February 2012 - 10:25 PM

Mr. Gringo, Here is the FSS log:


Farbar Service Scanner Version: 14-02-2012
Ran by Bonnie Stuckart (administrator) on 18-02-2012 at 22:37:33
Running from "C:\Documents and Settings\Bonnie Stuckart\Desktop\Cleaning 2-17-2012"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(25) IWCA(21) mfetdi2k(15) NetBT(26) PSched(19) s24trans(8) Tcpip(24)
0x1A0000001900000016000000040000000100000002000000030000000F00000005000000060000000700000008000000090000000A0000000B0000000C0000000D0000000E00000010000000110000001200000013000000140000001500000017000000180000001A000000


**** End of log ****

#12 gringo_pr

  • Malware Response Team

Posted 18 February 2012 - 11:54 PM

Hello

I want you to go to the computer's website and download any drivers for the wireless and check if it works.

Make sure the wireless is turned on.

Check this - http://oit.pdx.edu/use-windows-to-manage-wireless

You can run this first and work on the wireless while waiting for me.

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
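The TDSSKiller report requested above runs to hundreds of lines: each scanned driver gets a `name (MD5) path` line followed by a `name - verdict` line. As an added example (not part of the original post and not the tool vendor's code), this Python script pairs the two and lists only the entries that need a human look; the sample input, its driver names and hashes, and the `( detail )` form of a non-ok verdict line are constructed assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Every report line starts with "HH:MM:SS.ffff <thread id> ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": the file that was hashed for a driver or service.
_HASH = re.compile(
    _PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>", optionally "<name> ( <detail> ) - <verdict>".
# Assumption: the "( detail )" form is how a non-ok verdict is annotated;
# the log in this thread only shows plain "- ok" lines.
_VERDICT = re.compile(
    _PREFIX + r"(?P<name>.+?)(?: \( (?P<detail>.+?) \))? - (?P<verdict>[A-Za-z]+)$")


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None
    detail: Optional[str] = None


def parse_report(text):
    """Pair each hash line with the verdict line that follows it."""
    entries, pending = [], {}
    for raw in text.splitlines():
        line = raw.rstrip()
        m = _HASH.match(line)
        if m:
            pending[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = _VERDICT.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append(
                Entry(m["name"], m["verdict"].lower(), md5, path, m["detail"]))
    return entries


def triage(entries):
    """Split the report into what to read first and what had no file hashed."""
    return {
        # Anything the scanner did not mark "ok".
        "needs_review": [e for e in entries if e.verdict != "ok"],
        # Marked "ok" but no "(md5) path" line preceded the verdict, so the
        # report names no file for that service.
        "no_file_hashed": [e.name for e in entries
                           if e.verdict == "ok" and e.md5 is None],
    }


# Constructed sample in the report's line format (names and hashes are made up).
SAMPLE = r"""11:06:13.0125 1916 Scan started
11:06:13.0125 1916 Mode: Manual;
11:06:14.0078 1916 drv_nofile - ok
11:06:14.0140 1916 drv_alpha (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\drv_alpha.sys
11:06:14.0140 1916 drv_alpha - ok
11:06:14.0203 1916 drv beta (00000000000000000000000000000002) C:\WINDOWS\system32\drivers\drvbeta.sys
11:06:14.0218 1916 drv beta ( Example.Detection.Name ) - warning
"""

if __name__ == "__main__":
    result = triage(parse_report(SAMPLE))
    for e in result["needs_review"]:
        print(f"REVIEW  {e.name}: {e.verdict} ({e.detail}) {e.md5} {e.path}")
    for name in result["no_file_hashed"]:
        print(f"NO FILE {name}")
```

Run against a saved report by replacing `SAMPLE` with the file's contents; header lines such as the drive geometry line are ignored because they match neither pattern.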

#13 TMS_CT_12

  • Topic Starter

Posted 19 February 2012 - 12:51 PM

Thank you, Senor.

Here is some update information: To update drivers, I went into Network Connections - right-click on Wireless Network Connection - select Properties, and the Properties box came up. When I clicked the Advanced tab, a message box popped up that said, "Adapter State Not Found in Registry". Every time I click the Advanced tab, that message pops up.

I went to the DELL website to download the driver for my Intel® PRO/Wireless 2200BG Network Connection and the file was 78MB (file type was Hard Drive - ??). I went to the Intel website instead and downloaded and installed the driver. File size there was 4.4 MB.

My Wireless Network Connection is currently connected and running - but it was doing that before I loaded the new driver. It has been intermittent: sometimes ON, and most of the time it's OFF.

I ran tdsskiller and aswMBR. Log files attached here:

11:06:01.0890 2392 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
11:06:03.0343 2392 ============================================================
11:06:03.0343 2392 Current date / time: 2012/02/19 11:06:03.0343
11:06:03.0343 2392 SystemInfo:
11:06:03.0343 2392
11:06:03.0343 2392 OS Version: 5.1.2600 ServicePack: 3.0
11:06:03.0343 2392 Product type: Workstation
11:06:03.0343 2392 ComputerName: BONNIE
11:06:03.0343 2392 UserName: Bonnie Stuckart
11:06:03.0343 2392 Windows directory: C:\WINDOWS
11:06:03.0343 2392 System windows directory: C:\WINDOWS
11:06:03.0343 2392 Processor architecture: Intel x86
11:06:03.0343 2392 Number of processors: 1
11:06:03.0343 2392 Page size: 0x1000
11:06:03.0343 2392 Boot type: Normal boot
11:06:03.0343 2392 ============================================================
11:06:07.0359 2392 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:06:07.0359 2392 \Device\Harddisk0\DR0:
11:06:07.0359 2392 MBR used
11:06:07.0359 2392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x665BAD9
11:06:07.0375 2392 Initialize success
11:06:07.0375 2392 ============================================================
11:06:13.0125 1916 ============================================================
11:06:13.0125 1916 Scan started
11:06:13.0125 1916 Mode: Manual;
11:06:13.0125 1916 ============================================================
11:06:28.0156 1916 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
11:06:28.0156 1916 tfsnifs - ok
11:06:28.0203 1916 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
11:06:28.0203 1916 tfsnopio - ok
11:06:28.0234 1916 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
11:06:28.0234 1916 tfsnpool - ok
11:06:28.0281 1916 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
11:06:28.0281 1916 tfsnudf - ok
11:06:28.0328 1916 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
11:06:28.0328 1916 tfsnudfa - ok
11:06:28.0390 1916 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
11:06:28.0406 1916 TosIde - ok
11:06:28.0484 1916 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
11:06:28.0484 1916 tunmp - ok
11:06:28.0609 1916 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:06:28.0609 1916 Udfs - ok
11:06:28.0671 1916 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:06:28.0687 1916 ultra - ok
11:06:28.0796 1916 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:06:28.0812 1916 Update - ok
11:06:28.0906 1916 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:06:28.0906 1916 USBAAPL - ok
11:06:28.0953 1916 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:06:28.0953 1916 usbehci - ok
11:06:29.0000 1916 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:06:29.0000 1916 usbhub - ok
11:06:29.0046 1916 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:06:29.0046 1916 USBSTOR - ok
11:06:29.0125 1916 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:06:29.0125 1916 usbuhci - ok
11:06:29.0171 1916 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:06:29.0171 1916 VgaSave - ok
11:06:29.0265 1916 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:06:29.0265 1916 viaagp - ok
11:06:29.0328 1916 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:06:29.0328 1916 ViaIde - ok
11:06:29.0375 1916 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:06:29.0375 1916 VolSnap - ok
11:06:29.0562 1916 w29n51 (f0608f3b5b6d16f4870e867f9d069b6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys
11:06:29.0625 1916 w29n51 - ok
11:06:29.0812 1916 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:06:29.0828 1916 Wanarp - ok
11:06:29.0875 1916 wanatw - ok
11:06:29.0984 1916 WDICA - ok
11:06:30.0015 1916 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:06:30.0015 1916 wdmaud - ok
11:06:30.0156 1916 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:06:30.0218 1916 winachsf - ok
11:06:30.0453 1916 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:06:30.0468 1916 WS2IFSL - ok
11:06:30.0546 1916 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:06:30.0546 1916 WudfPf - ok
11:06:30.0609 1916 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:06:30.0609 1916 WudfRd - ok
11:06:30.0687 1916 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:06:30.0968 1916 \Device\Harddisk0\DR0 - ok
11:06:30.0984 1916 Boot (0x1200) (a7bdc1e057db24bde115768e6896c3a1) \Device\Harddisk0\DR0\Partition0
11:06:30.0984 1916 \Device\Harddisk0\DR0\Partition0 - ok
11:06:30.0984 1916 ============================================================
11:06:30.0984 1916 Scan finished
11:06:30.0984 1916 ============================================================
11:06:31.0000 3288 Detected object count: 0
11:06:31.0015 3288 Actual detected object count: 0
11:08:01.0765 3068 ============================================================
11:08:01.0765 3068 Scan started
11:08:01.0765 3068 Mode: Manual;
11:08:01.0765 3068 ============================================================
11:08:16.0625 3068 ViaIde - ok
11:08:16.0687 3068 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:08:16.0687 3068 VolSnap - ok
11:08:16.0968 3068 w29n51 (f0608f3b5b6d16f4870e867f9d069b6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys
11:08:17.0000 3068 w29n51 - ok
11:08:17.0125 3068 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:08:17.0125 3068 Wanarp - ok
11:08:17.0156 3068 wanatw - ok
11:08:17.0187 3068 WDICA - ok
11:08:17.0218 3068 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:08:17.0218 3068 wdmaud - ok
11:08:17.0343 3068 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:08:17.0343 3068 winachsf - ok
11:08:17.0531 3068 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:08:17.0531 3068 WS2IFSL - ok
11:08:17.0640 3068 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:08:17.0640 3068 WudfPf - ok
11:08:17.0703 3068 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:08:17.0703 3068 WudfRd - ok
11:08:17.0781 3068 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:08:18.0031 3068 \Device\Harddisk0\DR0 - ok
11:08:18.0046 3068 Boot (0x1200) (a7bdc1e057db24bde115768e6896c3a1) \Device\Harddisk0\DR0\Partition0
11:08:18.0046 3068 \Device\Harddisk0\DR0\Partition0 - ok
11:08:18.0046 3068 ============================================================
11:08:18.0046 3068 Scan finished
11:08:18.0046 3068 ============================================================
11:08:18.0062 2232 Detected object count: 0
11:08:18.0062 2232 Actual detected object count: 0
11:09:06.0078 2916 Deinitialize success

____________________________________________________________________________________
aswMBR:

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-19 11:15:18
-----------------------------
11:15:18.031 OS Version: Windows 5.1.2600 Service Pack 3
11:15:18.031 Number of processors: 1 586 0xD08
11:15:18.031 ComputerName: BONNIE UserName:
11:15:18.609 Initialize success
11:30:15.781 AVAST engine defs: 12021900
11:39:59.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:39:59.203 Disk 0 Vendor: HTS726060M9AT00 MH4OA6EA Size: 57231MB BusType: 3
11:39:59.218 Disk 0 MBR read successfully
11:39:59.218 Disk 0 MBR scan
11:39:59.328 Disk 0 Windows XP default MBR code
11:39:59.328 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
11:39:59.640 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 52407 MB offset 128520
11:39:59.953 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 107458785
11:40:00.250 Disk 0 scanning sectors +117194175
11:40:00.343 Disk 0 scanning C:\WINDOWS\system32\drivers
11:40:33.703 Service scanning
11:41:16.484 Modules scanning
11:41:25.296 Disk 0 trace - called modules:
11:41:25.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
11:41:25.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87166ab8]
11:41:25.828 3 CLASSPNP.SYS[f761bfd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8714ed98]
11:41:26.390 AVAST engine scan C:\WINDOWS
11:42:53.390 AVAST engine scan C:\WINDOWS\system32
11:48:58.359 AVAST engine scan C:\WINDOWS\system32\drivers
11:49:25.546 AVAST engine scan C:\Documents and Settings\Bonnie Stuckart
12:00:29.781 AVAST engine scan C:\Documents and Settings\All Users
12:47:59.656 Scan finished successfully
12:49:12.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bonnie Stuckart\Desktop\Cleaning 2-17-2012\2-17-2012 Log Files\MBR.dat"
12:49:12.109 The log file has been saved successfully to "C:\Documents and Settings\Bonnie Stuckart\Desktop\Cleaning 2-17-2012\2-17-2012 Log Files\aswMBR.txt"


Thanks again.

#14 TMS_CT_12

Posted 19 February 2012 - 12:53 PM

Oh - I forgot to add: I did run through the process you directed me to: "Use windows to manage wireless". There were no issues and there is nothing new to report about that.

Thank you.

#15 gringo_pr


Posted 19 February 2012 - 01:12 PM

Hello

Which Dell do you have?

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in Add/Remove anymore. This is fine; just move to the next item on the list.

You can remove these programs using Add/Remove, or you can use the free uninstaller from Revo (it does a lot better of a job).

Programs to remove

Adobe Reader 6.0.1
Internet Explorer Default Page
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 22
Viewpoint Media Player
WildTangent Web Driver


  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run it.
  • From the list of programs, double-click on the program to remove.
  • When prompted if you want to uninstall, click Yes.
  • Be sure the Moderate option is selected, then click Next.
  • The program will run. If prompted again, click Yes.
  • When the built-in uninstaller is finished, click on Next.
  • Once the program has searched for leftovers, click Next.
  • Check/tick the bolded items only on the list, then click Delete.
  • When prompted, click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted, select Yes, then click on Next.
  • Once done, click Finish.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader (7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
Install Java:

Please go here to install Java

  • Click on the Free Java Download button.
  • Click on Agree and Start Free Download.
  • Click on Run.
  • Click on Run again.
  • Click on Install.
  • When the install is complete, click on Close.


TFC(Temp File Cleaner):

  • Please download TFC to your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs; let it run uninterrupted. It shouldn't take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select Run as administrator.

"information and logs"

  • In your next post I need the following

  • Log from MBAM
  • Report from HijackThis
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


