Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Web Browser Redirect that won't DIe!!


  • Please log in to reply
6 replies to this topic

#1 REDWORC

REDWORC

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 13 March 2012 - 06:46 PM

I have a Windows 7, 64 bit system and I have a redirect bug that will not go away. I have tried using my McAfee and I also have tried Super Anti Spyware and also Malware Bytes. All that they found were tracking cookies. I restarted in safe mode adn it found a registry setting that it considered a trojan. I can probably find the log (I asume that it is saved in the program folder) and post it if needed. While it is not doing harm (that I know of) it is very frustrating copying and pasting links so I won't get redirected. Thanks.

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:42 AM

Posted 13 March 2012 - 09:29 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 REDWORC

REDWORC
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 19 March 2012 - 09:55 PM

OK here is the infor from the scans:
Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee AntiVirus Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````



Farbar Service Scanner Version: 01-03-2012
Ran by Angie on 19-03-2012 at 21:08:27
Running from "C:\Users\Angie\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
Checking ServiceDll: Attention! Unable to open Nsi registry key. The service key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




MiniToolBox by Farbar Version: 18-01-2012
Ran by Angie on 19-03-2012 at 21:12:06
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Redworc
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : myhome.westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 20-CF-30-9C-05-BD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::41b4:fcbf:1554:c7e4%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, March 19, 2012 8:51:04 PM
Lease Expires . . . . . . . . . . : Tuesday, March 20, 2012 8:51:03 PM
Default Gateway . . . . . . . . . : 192.168.1.25
DHCP Server . . . . . . . . . . . : 192.168.1.25
DHCPv6 IAID . . . . . . . . . . . : 237031216
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-77-91-59-20-CF-30-9C-05-BD
DNS Servers . . . . . . . . . . . : 64.91.3.46
208.54.220.20
64.91.3.60
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.myhome.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:8de:1ca1:ba4c:4a94(Preferred)
Link-local IPv6 Address . . . . . : fe80::8de:1ca1:ba4c:4a94%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dnsc1-clm.mo.centurylink.net
Address: 64.91.3.46

Name: google.com
Addresses: 74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99
74.125.225.100
74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110


Pinging google.com [74.125.225.97] with 32 bytes of data:
Reply from 74.125.225.97: bytes=32 time=302ms TTL=53
Reply from 74.125.225.97: bytes=32 time=48ms TTL=53

Ping statistics for 74.125.225.97:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 302ms, Average = 175ms
Server: dnsc1-clm.mo.centurylink.net
Address: 64.91.3.46

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=88ms TTL=54
Reply from 209.191.122.70: bytes=32 time=32ms TTL=54

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 88ms, Average = 60ms
Server: dnsc1-clm.mo.centurylink.net
Address: 64.91.3.46

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
10...20 cf 30 9c 05 bd ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.25 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:8de:1ca1:ba4c:4a94/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::8de:1ca1:ba4c:4a94/128
On-link
10 276 fe80::41b4:fcbf:1554:c7e4/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ================================

Could not start eventlog service, could not read events.

System error 5 has occurred.

Access is denied.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 1.2.0)
ActivClient CAC x64 (Version: 6.2)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
AI Manager (Version: 1.08.07)
America's Army 3
ApproveIt Desktop (Version: 6.50.25.1000)
Army Men RTS (remove only)
ASUS Backup Wizard (Version: 1.00.09)
ASUS VIBE (Version: 1.0.188)
ASUSUpdate (Version: 7.18.03)
Bamboo
Best Buy pc app (Version: 3.0.0.0)
Brother Internet Print 1.63
Corel Painter Essentials 4
Corel Painter Essentials 4 (Version: 4.2)
Coupon Printer for Windows (Version: 5.0.0.1)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)
D3DX10 (Version: 15.4.2368.0902)
DBsign Web Signer (Version: 2.3.6.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX 9 Runtime (Version: 1.00.0000)
ebi.BookReader3J (Version: 3.75.14)
EPU-4 Engine (Version: 1.01.02)
Family Toolbar (Version: 1.0.4)
FoxTab PDF Creator
GenoPro 2.5.3.4
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
Intel® Management Engine Components (Version: 6.0.0.1179)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee AntiVirus Plus (Version: 11.0.654)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nero 8 (Version: 8.3.500)
neroxml (Version: 1.0.0)
PaperPort (Version: 9.02.0814)
Power MP3 WMA Converter 2010, (ver 6.0) (Version: 6.0)
PunkBuster Services (Version: 0.989)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek High Definition Audio Driver (Version: 6.0.1.5919)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Easy VHS to DVD (Version: 2.0)
Roxio Easy VHS to DVD (Version: 2.0.123)
Roxio Express Labeler (Version: 3.2.1)
Roxio Video Capture USB (Version: 1.22.0000)
Skype Toolbars (Version: 5.0.4126)
Skype™ 5.0 (Version: 5.0.152)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steam (Version: 1.0.0.0)
Super Collapse!
SUPERAntiSpyware (Version: 5.0.1146)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VCRedistSetup (Version: 1.0.0)
WD Discovery Software (Version: 1.80)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 6031.05 MB
Available physical RAM: 4544.55 MB
Total Pagefile: 12060.3 MB
Available Pagefile: 9682.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.79 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:824.78 GB) NTFS
7 Drive z: (WDTVLiveHub) (Network) (Total:930.44 GB) (Free:892.47 GB) NTFS

========================= Users: ========================================

User accounts for \\REDWORC

Administrator Angie Guest
Scott


**** End of log ****


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Angie :: REDWORC [limited]

Protection: Enabled

3/18/2012 10:03:13 PM
mbam-log-2012-03-18 (22-03-13).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 368052
Time elapsed: 1 hour(s), 3 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Angie\AppData\Roaming\WTablet\WTablet\klzgc.dll (Trojan.Agent.GMAGen) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) -> Data: rundll32.exe "C:\Users\Angie\AppData\Roaming\WTablet\WTablet\klzgc.dll",DllRegisterServer -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Angie\AppData\Roaming\WTablet\WTablet\klzgc.dll (Trojan.Agent.GMAGen) -> Delete on reboot.

(end)



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-19 21:28:46
-----------------------------
21:28:46.468 OS Version: Windows x64 6.1.7601 Service Pack 1
21:28:46.468 Number of processors: 4 586 0x2502
21:28:46.468 ComputerName: REDWORC UserName: Scott
21:28:49.557 Initialize success
21:33:30.359 AVAST engine defs: 12031700
21:33:35.788 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:33:35.788 Disk 0 Vendor: ST31000528AS CC44 Size: 953869MB BusType: 3
21:33:35.803 Disk 0 MBR read successfully
21:33:35.803 Disk 0 MBR scan
21:33:35.819 Disk 0 unknown MBR code
21:33:35.819 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 14524 MB offset 2048
21:33:35.834 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 939343 MB offset 29747200
21:33:35.850 Disk 0 scanning C:\Windows\system32\drivers
21:33:49.282 Service scanning
21:34:03.493 Modules scanning
21:34:03.493 Disk 0 trace - called modules:
21:34:03.509 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:34:03.509 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065b2060]
21:34:03.509 3 CLASSPNP.SYS[fffff8800199843f] -> nt!IofCallDriver -> [0xfffffa8006295520]
21:34:03.509 5 ACPI.sys[fffff88000ec37a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800628f060]
21:34:11.714 AVAST engine scan C:\Windows
21:34:15.459 AVAST engine scan C:\Windows\system32
21:37:30.786 AVAST engine scan C:\Windows\system32\drivers
21:37:41.722 AVAST engine scan C:\Users\Scott
21:43:00.275 AVAST engine scan C:\ProgramData
21:52:04.466 Scan finished successfully
21:52:35.947 Disk 0 MBR has been saved successfully to "C:\Users\Angie\Desktop\MBR.dat"
21:52:35.962 The log file has been saved successfully to "C:\Users\Angie\Desktop\aswMBR.txt"

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:42 AM

Posted 19 March 2012 - 10:23 PM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 REDWORC

REDWORC
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 20 March 2012 - 06:37 PM

No threats found


18:33:26.0349 4432 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
18:33:28.0350 4432 ============================================================
18:33:28.0350 4432 Current date / time: 2012/03/20 18:33:28.0350
18:33:28.0350 4432 SystemInfo:
18:33:28.0350 4432
18:33:28.0350 4432 OS Version: 6.1.7601 ServicePack: 1.0
18:33:28.0350 4432 Product type: Workstation
18:33:28.0350 4432 ComputerName: REDWORC
18:33:28.0351 4432 UserName: Scott
18:33:28.0351 4432 Windows directory: C:\Windows
18:33:28.0351 4432 System windows directory: C:\Windows
18:33:28.0351 4432 Running under WOW64
18:33:28.0351 4432 Processor architecture: Intel x64
18:33:28.0351 4432 Number of processors: 4
18:33:28.0351 4432 Page size: 0x1000
18:33:28.0351 4432 Boot type: Normal boot
18:33:28.0351 4432 ============================================================
18:33:29.0423 4432 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:29.0480 4432 \Device\Harddisk0\DR0:
18:33:29.0501 4432 MBR used
18:33:29.0501 4432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x72AA7800
18:33:29.0518 4432 Initialize success
18:33:29.0518 4432 ============================================================
18:33:43.0289 5096 ============================================================
18:33:43.0289 5096 Scan started
18:33:43.0289 5096 Mode: Manual;
18:33:43.0289 5096 ============================================================
18:33:43.0926 5096 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\Windows\system32\drivers\1394ohci.sys
18:33:43.0929 5096 1394ohci - ok
18:33:43.0983 5096 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:33:43.0987 5096 ACPI - ok
18:33:44.0001 5096 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:33:44.0002 5096 AcpiPmi - ok
18:33:44.0046 5096 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:33:44.0051 5096 adp94xx - ok
18:33:44.0068 5096 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:33:44.0072 5096 adpahci - ok
18:33:44.0093 5096 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:33:44.0099 5096 adpu320 - ok
18:33:44.0142 5096 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:33:44.0147 5096 AFD - ok
18:33:44.0167 5096 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:33:44.0168 5096 agp440 - ok
18:33:44.0182 5096 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:33:44.0183 5096 aliide - ok
18:33:44.0200 5096 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:33:44.0201 5096 amdide - ok
18:33:44.0217 5096 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:33:44.0221 5096 AmdK8 - ok
18:33:44.0236 5096 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:33:44.0237 5096 AmdPPM - ok
18:33:44.0263 5096 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:33:44.0265 5096 amdsata - ok
18:33:44.0287 5096 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:33:44.0292 5096 amdsbs - ok
18:33:44.0311 5096 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:33:44.0311 5096 amdxata - ok
18:33:44.0371 5096 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:33:44.0373 5096 AppID - ok
18:33:44.0405 5096 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:33:44.0407 5096 arc - ok
18:33:44.0421 5096 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:33:44.0422 5096 arcsas - ok
18:33:44.0434 5096 AsIO - ok
18:33:44.0442 5096 AsUpIO - ok
18:33:44.0456 5096 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:44.0457 5096 AsyncMac - ok
18:33:44.0469 5096 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:33:44.0469 5096 atapi - ok
18:33:44.0507 5096 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:33:44.0512 5096 b06bdrv - ok
18:33:44.0536 5096 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:33:44.0540 5096 b57nd60a - ok
18:33:44.0560 5096 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:33:44.0562 5096 Beep - ok
18:33:44.0593 5096 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:33:44.0594 5096 blbdrive - ok
18:33:44.0626 5096 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:33:44.0627 5096 bowser - ok
18:33:44.0640 5096 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:33:44.0641 5096 BrFiltLo - ok
18:33:44.0658 5096 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:33:44.0659 5096 BrFiltUp - ok
18:33:44.0700 5096 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
18:33:44.0702 5096 BridgeMP - ok
18:33:44.0724 5096 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:33:44.0728 5096 Brserid - ok
18:33:44.0744 5096 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:33:44.0745 5096 BrSerWdm - ok
18:33:44.0764 5096 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:33:44.0765 5096 BrUsbMdm - ok
18:33:44.0784 5096 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:33:44.0785 5096 BrUsbSer - ok
18:33:44.0804 5096 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:33:44.0806 5096 BTHMODEM - ok
18:33:44.0812 5096 catchme - ok
18:33:44.0836 5096 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:33:44.0838 5096 cdfs - ok
18:33:44.0865 5096 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:33:44.0898 5096 cdrom - ok
18:33:44.0940 5096 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
18:33:44.0942 5096 cfwids - ok
18:33:44.0960 5096 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:33:44.0962 5096 circlass - ok
18:33:45.0030 5096 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:33:45.0055 5096 CLFS - ok
18:33:45.0161 5096 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:45.0165 5096 CmBatt - ok
18:33:45.0178 5096 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:33:45.0180 5096 cmdide - ok
18:33:45.0205 5096 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:33:45.0209 5096 CNG - ok
18:33:45.0230 5096 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:33:45.0232 5096 Compbatt - ok
18:33:45.0268 5096 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:33:45.0303 5096 CompositeBus - ok
18:33:45.0323 5096 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:33:45.0325 5096 crcdisk - ok
18:33:45.0375 5096 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:33:45.0377 5096 DfsC - ok
18:33:45.0392 5096 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:33:45.0394 5096 discache - ok
18:33:45.0413 5096 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:33:45.0414 5096 Disk - ok
18:33:45.0432 5096 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:33:45.0433 5096 drmkaud - ok
18:33:45.0478 5096 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:33:45.0488 5096 DXGKrnl - ok
18:33:45.0551 5096 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:33:45.0594 5096 ebdrv - ok
18:33:45.0625 5096 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:33:45.0630 5096 elxstor - ok
18:33:45.0650 5096 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:33:45.0652 5096 ErrDev - ok
18:33:45.0696 5096 esgiguard - ok
18:33:45.0719 5096 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:33:45.0722 5096 exfat - ok
18:33:45.0742 5096 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:33:45.0744 5096 fastfat - ok
18:33:45.0766 5096 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:33:45.0767 5096 fdc - ok
18:33:45.0793 5096 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:33:45.0794 5096 FileInfo - ok
18:33:45.0809 5096 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:33:45.0810 5096 Filetrace - ok
18:33:45.0830 5096 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:45.0831 5096 flpydisk - ok
18:33:45.0866 5096 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:33:45.0869 5096 FltMgr - ok
18:33:45.0889 5096 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:33:45.0891 5096 FsDepends - ok
18:33:45.0936 5096 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
18:33:45.0938 5096 fssfltr - ok
18:33:45.0953 5096 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:33:45.0955 5096 Fs_Rec - ok
18:33:45.0997 5096 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:33:46.0000 5096 fvevol - ok
18:33:46.0014 5096 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:33:46.0016 5096 gagp30kx - ok
18:33:46.0034 5096 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:33:46.0039 5096 hcw85cir - ok
18:33:46.0090 5096 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:33:46.0094 5096 HdAudAddService - ok
18:33:46.0131 5096 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:33:46.0133 5096 HDAudBus - ok
18:33:46.0158 5096 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
18:33:46.0160 5096 HECIx64 - ok
18:33:46.0178 5096 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:33:46.0179 5096 HidBatt - ok
18:33:46.0193 5096 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:33:46.0195 5096 HidBth - ok
18:33:46.0207 5096 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:33:46.0208 5096 HidIr - ok
18:33:46.0239 5096 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:33:46.0240 5096 HidUsb - ok
18:33:46.0262 5096 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:33:46.0264 5096 HpSAMD - ok
18:33:46.0318 5096 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:33:46.0326 5096 HTTP - ok
18:33:46.0362 5096 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:33:46.0362 5096 hwpolicy - ok
18:33:46.0378 5096 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:33:46.0381 5096 i8042prt - ok
18:33:46.0419 5096 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:33:46.0459 5096 iaStorV - ok
18:33:46.0633 5096 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:33:46.0763 5096 igfx - ok
18:33:46.0780 5096 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:33:46.0782 5096 iirsp - ok
18:33:46.0851 5096 IntcAzAudAddService (f04d22d7a49a1b2210dbadf0b803e870) C:\Windows\system32\drivers\RTKVHD64.sys
18:33:46.0885 5096 IntcAzAudAddService - ok
18:33:46.0912 5096 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:33:46.0916 5096 IntcDAud - ok
18:33:46.0934 5096 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:33:46.0935 5096 intelide - ok
18:33:46.0965 5096 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:33:46.0966 5096 intelppm - ok
18:33:47.0004 5096 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:33:47.0006 5096 IpFilterDriver - ok
18:33:47.0040 5096 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:33:47.0042 5096 IPMIDRV - ok
18:33:47.0060 5096 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:33:47.0063 5096 IPNAT - ok
18:33:47.0084 5096 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:33:47.0085 5096 IRENUM - ok
18:33:47.0099 5096 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:33:47.0100 5096 isapnp - ok
18:33:47.0121 5096 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:33:47.0125 5096 iScsiPrt - ok
18:33:47.0145 5096 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:33:47.0147 5096 kbdclass - ok
18:33:47.0164 5096 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:33:47.0165 5096 kbdhid - ok
18:33:47.0195 5096 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:33:47.0197 5096 KSecDD - ok
18:33:47.0221 5096 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:33:47.0223 5096 KSecPkg - ok
18:33:47.0235 5096 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:33:47.0236 5096 ksthunk - ok
18:33:47.0266 5096 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:33:47.0270 5096 lltdio - ok
18:33:47.0302 5096 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:33:47.0304 5096 LSI_FC - ok
18:33:47.0322 5096 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:33:47.0324 5096 LSI_SAS - ok
18:33:47.0340 5096 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:33:47.0342 5096 LSI_SAS2 - ok
18:33:47.0359 5096 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:33:47.0361 5096 LSI_SCSI - ok
18:33:47.0381 5096 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:33:47.0383 5096 luafv - ok
18:33:47.0425 5096 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
18:33:47.0425 5096 MBAMProtector - ok
18:33:47.0491 5096 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:33:47.0493 5096 megasas - ok
18:33:47.0510 5096 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:47.0517 5096 MegaSR - ok
18:33:47.0544 5096 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
18:33:47.0546 5096 mfeapfk - ok
18:33:47.0581 5096 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
18:33:47.0583 5096 mfeavfk - ok
18:33:47.0592 5096 mfeavfk01 - ok
18:33:47.0620 5096 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
18:33:47.0622 5096 mfefirek - ok
18:33:47.0651 5096 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
18:33:47.0657 5096 mfehidk - ok
18:33:47.0673 5096 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
18:33:47.0675 5096 mfenlfk - ok
18:33:47.0690 5096 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
18:33:47.0692 5096 mferkdet - ok
18:33:47.0729 5096 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
18:33:47.0732 5096 mfewfpk - ok
18:33:47.0755 5096 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:33:47.0757 5096 Modem - ok
18:33:47.0782 5096 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:33:47.0783 5096 monitor - ok
18:33:47.0826 5096 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:33:47.0827 5096 mouclass - ok
18:33:47.0852 5096 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:33:47.0856 5096 mouhid - ok
18:33:47.0893 5096 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:33:47.0895 5096 mountmgr - ok
18:33:47.0918 5096 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:33:47.0920 5096 mpio - ok
18:33:47.0936 5096 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:33:47.0938 5096 mpsdrv - ok
18:33:47.0981 5096 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:33:47.0983 5096 MRxDAV - ok
18:33:48.0021 5096 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:48.0022 5096 mrxsmb - ok
18:33:48.0059 5096 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:48.0062 5096 mrxsmb10 - ok
18:33:48.0077 5096 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:48.0079 5096 mrxsmb20 - ok
18:33:48.0112 5096 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:33:48.0113 5096 msahci - ok
18:33:48.0128 5096 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:33:48.0130 5096 msdsm - ok
18:33:48.0158 5096 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:33:48.0159 5096 Msfs - ok
18:33:48.0170 5096 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:33:48.0172 5096 mshidkmdf - ok
18:33:48.0189 5096 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:33:48.0190 5096 msisadrv - ok
18:33:48.0216 5096 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:33:48.0218 5096 MSKSSRV - ok
18:33:48.0238 5096 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:48.0239 5096 MSPCLOCK - ok
18:33:48.0252 5096 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:33:48.0253 5096 MSPQM - ok
18:33:48.0301 5096 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:33:48.0304 5096 MsRPC - ok
18:33:48.0323 5096 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:33:48.0324 5096 mssmbios - ok
18:33:48.0340 5096 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:33:48.0342 5096 MSTEE - ok
18:33:48.0356 5096 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:48.0357 5096 MTConfig - ok
18:33:48.0380 5096 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
18:33:48.0380 5096 MTsensor - ok
18:33:48.0402 5096 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:33:48.0403 5096 Mup - ok
18:33:48.0436 5096 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:33:48.0440 5096 NativeWifiP - ok
18:33:48.0484 5096 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:33:48.0488 5096 NDIS - ok
18:33:48.0506 5096 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:48.0508 5096 NdisCap - ok
18:33:48.0535 5096 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:48.0537 5096 NdisTapi - ok
18:33:48.0586 5096 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:48.0588 5096 Ndisuio - ok
18:33:48.0627 5096 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:48.0630 5096 NdisWan - ok
18:33:48.0663 5096 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:33:48.0664 5096 NDProxy - ok
18:33:48.0696 5096 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:33:48.0697 5096 NetBIOS - ok
18:33:48.0718 5096 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:33:48.0720 5096 NetBT - ok
18:33:48.0748 5096 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
18:33:48.0754 5096 netr28x - ok
18:33:48.0785 5096 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:48.0786 5096 nfrd960 - ok
18:33:48.0810 5096 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:33:48.0811 5096 Npfs - ok
18:33:48.0828 5096 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:33:48.0829 5096 nsiproxy - ok
18:33:48.0883 5096 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:33:48.0909 5096 Ntfs - ok
18:33:48.0926 5096 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:33:48.0927 5096 Null - ok
18:33:48.0970 5096 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:33:48.0973 5096 nvraid - ok
18:33:49.0000 5096 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:33:49.0003 5096 nvstor - ok
18:33:49.0028 5096 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:33:49.0030 5096 nv_agp - ok
18:33:49.0050 5096 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:33:49.0052 5096 ohci1394 - ok
18:33:49.0093 5096 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:33:49.0100 5096 Parport - ok
18:33:49.0130 5096 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
18:33:49.0132 5096 partmgr - ok
18:33:49.0166 5096 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:33:49.0168 5096 pci - ok
18:33:49.0206 5096 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:33:49.0207 5096 pciide - ok
18:33:49.0224 5096 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:49.0227 5096 pcmcia - ok
18:33:49.0241 5096 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:33:49.0242 5096 pcw - ok
18:33:49.0259 5096 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:33:49.0265 5096 PEAUTH - ok
18:33:49.0353 5096 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:33:49.0355 5096 PptpMiniport - ok
18:33:49.0369 5096 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:33:49.0370 5096 Processor - ok
18:33:49.0406 5096 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:33:49.0438 5096 Psched - ok
18:33:49.0467 5096 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:33:49.0467 5096 PxHlpa64 - ok
18:33:49.0514 5096 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:33:49.0540 5096 ql2300 - ok
18:33:49.0569 5096 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:33:49.0571 5096 ql40xx - ok
18:33:49.0594 5096 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:33:49.0595 5096 QWAVEdrv - ok
18:33:49.0654 5096 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:33:49.0655 5096 RasAcd - ok
18:33:49.0681 5096 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:49.0683 5096 RasAgileVpn - ok
18:33:49.0728 5096 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:49.0731 5096 Rasl2tp - ok
18:33:49.0758 5096 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:33:49.0760 5096 RasPppoe - ok
18:33:49.0778 5096 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:33:49.0780 5096 RasSstp - ok
18:33:49.0822 5096 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:33:49.0825 5096 rdbss - ok
18:33:49.0841 5096 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:33:49.0842 5096 rdpbus - ok
18:33:49.0862 5096 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:33:49.0863 5096 RDPCDD - ok
18:33:49.0882 5096 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:33:49.0883 5096 RDPENCDD - ok
18:33:49.0893 5096 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:33:49.0893 5096 RDPREFMP - ok
18:33:49.0932 5096 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:33:49.0934 5096 RDPWD - ok
18:33:49.0967 5096 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:33:49.0969 5096 rdyboost - ok
18:33:50.0013 5096 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:33:50.0015 5096 rspndr - ok
18:33:50.0056 5096 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:33:50.0061 5096 RTL8167 - ok
18:33:50.0108 5096 S3XXx64 (4f55bc63dca859a6dedc1106e0062135) C:\Windows\system32\DRIVERS\S3XXx64.sys
18:33:50.0141 5096 S3XXx64 - ok
18:33:50.0252 5096 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:33:50.0253 5096 SASDIFSV - ok
18:33:50.0322 5096 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:33:50.0323 5096 SASKUTIL - ok
18:33:50.0354 5096 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:33:50.0356 5096 sbp2port - ok
18:33:50.0387 5096 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:33:50.0388 5096 scfilter - ok
18:33:50.0409 5096 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:33:50.0410 5096 secdrv - ok
18:33:50.0428 5096 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:33:50.0430 5096 Serenum - ok
18:33:50.0452 5096 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:33:50.0455 5096 Serial - ok
18:33:50.0505 5096 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:33:50.0508 5096 sermouse - ok
18:33:50.0536 5096 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:33:50.0538 5096 sffdisk - ok
18:33:50.0551 5096 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:33:50.0553 5096 sffp_mmc - ok
18:33:50.0567 5096 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
18:33:50.0568 5096 sffp_sd - ok
18:33:50.0581 5096 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:33:50.0582 5096 sfloppy - ok
18:33:50.0605 5096 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:33:50.0606 5096 SiSRaid2 - ok
18:33:50.0625 5096 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:33:50.0627 5096 SiSRaid4 - ok
18:33:50.0644 5096 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:33:50.0646 5096 Smb - ok
18:33:50.0673 5096 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:33:50.0673 5096 spldr - ok
18:33:50.0709 5096 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:33:50.0714 5096 srv - ok
18:33:50.0730 5096 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:33:50.0735 5096 srv2 - ok
18:33:50.0751 5096 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:33:50.0753 5096 srvnet - ok
18:33:50.0787 5096 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:33:50.0789 5096 stexstor - ok
18:33:50.0811 5096 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:33:50.0812 5096 swenum - ok
18:33:50.0884 5096 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:33:50.0910 5096 Tcpip - ok
18:33:50.0943 5096 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:33:50.0952 5096 TCPIP6 - ok
18:33:50.0995 5096 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:33:50.0996 5096 tcpipreg - ok
18:33:51.0022 5096 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:33:51.0027 5096 TDPIPE - ok
18:33:51.0055 5096 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:33:51.0057 5096 TDTCP - ok
18:33:51.0096 5096 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:33:51.0099 5096 tdx - ok
18:33:51.0116 5096 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:33:51.0117 5096 TermDD - ok
18:33:51.0162 5096 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:33:51.0164 5096 tssecsrv - ok
18:33:51.0195 5096 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:33:51.0196 5096 TsUsbFlt - ok
18:33:51.0229 5096 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:33:51.0231 5096 tunnel - ok
18:33:51.0248 5096 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:33:51.0249 5096 uagp35 - ok
18:33:51.0283 5096 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:33:51.0287 5096 udfs - ok
18:33:51.0310 5096 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:33:51.0312 5096 uliagpkx - ok
18:33:51.0322 5096 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
18:33:51.0323 5096 umbus - ok
18:33:51.0344 5096 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:33:51.0344 5096 UmPass - ok
18:33:51.0385 5096 USB28xxBGA (1e1786e15f91183be26732e89adc1817) C:\Windows\system32\DRIVERS\emBDA64.sys
18:33:51.0391 5096 USB28xxBGA - ok
18:33:51.0435 5096 USB28xxOEM (e97f0e00adbc1bcef691c71dbee77041) C:\Windows\system32\DRIVERS\emOEM64.sys
18:33:51.0442 5096 USB28xxOEM - ok
18:33:51.0475 5096 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:33:51.0508 5096 usbaudio - ok
18:33:51.0529 5096 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:33:51.0531 5096 usbccgp - ok
18:33:51.0549 5096 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:33:51.0551 5096 usbcir - ok
18:33:51.0571 5096 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:33:51.0603 5096 usbehci - ok
18:33:51.0622 5096 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:33:51.0658 5096 usbhub - ok
18:33:51.0674 5096 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
18:33:51.0675 5096 usbohci - ok
18:33:51.0696 5096 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:33:51.0697 5096 usbprint - ok
18:33:51.0716 5096 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:33:51.0718 5096 usbscan - ok
18:33:51.0730 5096 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:33:51.0763 5096 USBSTOR - ok
18:33:51.0778 5096 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
18:33:51.0779 5096 usbuhci - ok
18:33:51.0830 5096 V0330VID (102f170cf0f5304acf7fb663b7adb5e0) C:\Windows\system32\DRIVERS\V0330Vid.sys
18:33:51.0832 5096 V0330VID - ok
18:33:51.0848 5096 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:33:51.0849 5096 vdrvroot - ok
18:33:51.0865 5096 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:33:51.0867 5096 vga - ok
18:33:51.0883 5096 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:33:51.0884 5096 VgaSave - ok
18:33:51.0902 5096 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:33:51.0905 5096 vhdmp - ok
18:33:51.0931 5096 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:33:51.0933 5096 viaide - ok
18:33:51.0946 5096 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:33:51.0947 5096 volmgr - ok
18:33:51.0983 5096 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:33:51.0987 5096 volmgrx - ok
18:33:52.0008 5096 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:33:52.0010 5096 volsnap - ok
18:33:52.0027 5096 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:33:52.0029 5096 vsmraid - ok
18:33:52.0050 5096 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:33:52.0051 5096 vwifibus - ok
18:33:52.0071 5096 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:33:52.0072 5096 vwififlt - ok
18:33:52.0114 5096 wacmoumonitor (6b6718dc4b4597ec10f4f8c614282ee1) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
18:33:52.0115 5096 wacmoumonitor - ok
18:33:52.0152 5096 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
18:33:52.0152 5096 wacommousefilter - ok
18:33:52.0171 5096 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:33:52.0175 5096 WacomPen - ok
18:33:52.0206 5096 wacomvhid (26b430e7c5f598fe7353e3bc4b261321) C:\Windows\system32\DRIVERS\wacomvhid.sys
18:33:52.0238 5096 wacomvhid - ok
18:33:52.0257 5096 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:33:52.0259 5096 WANARP - ok
18:33:52.0262 5096 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:33:52.0263 5096 Wanarpv6 - ok
18:33:52.0301 5096 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:33:52.0305 5096 Wd - ok
18:33:52.0325 5096 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:33:52.0331 5096 Wdf01000 - ok
18:33:52.0355 5096 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:33:52.0356 5096 WfpLwf - ok
18:33:52.0373 5096 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:33:52.0375 5096 WIMMount - ok
18:33:52.0417 5096 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.sys
18:33:52.0418 5096 WinUsb - ok
18:33:52.0436 5096 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:33:52.0437 5096 WmiAcpi - ok
18:33:52.0472 5096 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:33:52.0473 5096 ws2ifsl - ok
18:33:52.0511 5096 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:33:52.0513 5096 WudfPf - ok
18:33:52.0535 5096 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:33:52.0537 5096 WUDFRd - ok
18:33:52.0559 5096 MBR (0x1B8) (4976d4a7a40b83fc7f06ee4bdd84eb9b) \Device\Harddisk0\DR0
18:33:52.0618 5096 \Device\Harddisk0\DR0 - ok
18:33:52.0626 5096 Boot (0x1200) (c461793059bc94d6f27de81b9c7401a6) \Device\Harddisk0\DR0\Partition0
18:33:52.0628 5096 \Device\Harddisk0\DR0\Partition0 - ok
18:33:52.0628 5096 ============================================================
18:33:52.0628 5096 Scan finished
18:33:52.0628 5096 ============================================================
18:33:52.0637 7144 Detected object count: 0
18:33:52.0637 7144 Actual detected object count: 0

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:42 AM

Posted 20 March 2012 - 07:43 PM

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 REDWORC

REDWORC
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 21 March 2012 - 09:55 PM

here
Thank you for the help. I have created the new topic and posted it to the link above

Edited by REDWORC, 21 March 2012 - 09:57 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users