
Help! Google Hijacker I Can't Seem to Fix


6 replies to this topic

#1 liverwort23


Posted 13 March 2012 - 07:50 PM

Last night I (stupidly) opened a PDF online and today when I click on a Google search result, I get taken to places I do not want to go. I have AVG but it finds nothing. I downloaded and ran Malwarebytes. It found Trojan.Agent and Adware.Targetsaver. It said both were quarantined and deleted successfully, but when I tried a Google search, the hijack happened again. I am at my wit's end. Can someone please help me?

I'm running Windows 7 on a little netbook.

Help!



#2 boopme


Posted 13 March 2012 - 08:23 PM

Hello and thanks for posting. Let's see some logs.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

>>>
Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
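An added example (not part of the original post, and not how MiniToolBox works internally): one way to triage the "List content of Hosts" output requested above when chasing a search redirect. The sample hosts text, the watched-domain list and the function names are assumptions made for the illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample, not taken from any real machine.
SAMPLE_HOSTS = """\
# Sample hosts file, constructed for this example
::1 localhost
127.0.0.1 localhost
127.0.0.1 ads.example.net
0.0.0.0 tracker.example.org
127.0.0.1 ads.example.net/clk
203.0.113.45 www.google.com google.com
203.0.113.45 search.yahoo.com   # constructed redirect entry
192.168.1.50 nas.home
not-an-ip www.bing.com
"""

# Assumption: search domains worth watching in a redirect case.
WATCHED_DOMAINS = ("google.com", "yahoo.com", "bing.com")


def classify_hosts(text, watched=WATCHED_DOMAINS):
    """Return (line_number, kind, detail) tuples for every notable entry.

    kind is one of:
      sink      - name pinned to loopback/0.0.0.0 (typical ad-block list)
      redirect  - watched search domain pinned to a non-local address
      override  - any other name pinned to a non-local address
      malformed - line that cannot work as a hosts entry
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if not entry:
            continue
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            findings.append((lineno, "malformed", raw.strip()))
            continue
        if len(entry) == 1:                    # address with no name
            findings.append((lineno, "malformed", raw.strip()))
            continue
        for name in entry[1:]:
            host = name.lower().rstrip(".")
            if any(c in host for c in "/?:"):
                # hosts maps names only; a token carrying a URL path,
                # query or port can never match a lookup
                findings.append((lineno, "malformed", name))
            elif addr.is_loopback or addr.is_unspecified:
                if host != "localhost":
                    findings.append((lineno, "sink", host))
            elif any(host == d or host.endswith("." + d) for d in watched):
                findings.append((lineno, "redirect", f"{host} -> {addr}"))
            else:
                findings.append((lineno, "override", f"{host} -> {addr}"))
    return findings


def summarize(findings):
    """Count findings per kind so a long block list does not bury redirects."""
    return Counter(kind for _, kind, _ in findings)


def redirects(findings):
    """Entries to look at first in a search-hijack case."""
    return [(n, d) for n, kind, d in findings if kind == "redirect"]


if __name__ == "__main__":
    results = classify_hosts(SAMPLE_HOSTS)
    print(dict(summarize(results)))
    for lineno, detail in redirects(results):
        print(f"line {lineno}: {detail}")
```

Loopback and 0.0.0.0 entries are counted rather than listed because protective block lists routinely add thousands of them; the entries that matter for a redirect are the few that pin a search domain to a non-local address.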

#3 liverwort23


Posted 13 March 2012 - 08:31 PM

Thanks for responding boopme! I will do those things and post my logs. Thanks!

#4 liverwort23


Posted 14 March 2012 - 10:25 AM

Dear boopme,

I ran the four programs. The logs are posted below. I've just tried and Explorer is running slow and when I tried a Google search I got redirected again. I am desolate. If there's any way you can help, I'll be so much obliged.

LW

-

MiniToolBox by Farbar Version: 18-01-2012
Ran by (administrator) on 13-03-2012 at 21:41:35
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


::1 localhost


127.0.0.1 localhost
127.0.0.1 ad.doubleclick.net
127.0.0.1 xson1.info/?site=8
127.0.0.1 xson1.info
127.0.0.1 www.chinaontv.com
127.0.0.1 rdr.tag.channelintelligence.com
127.0.0.1 clicks.beap.ad.yieldmanager.net
127.0.0.1 yads.zedo.com
127.0.0.1 ads.bluelithium.com
127.0.0.1 global.ard.yahoo.com
127.0.0.1 clicks.beap.ad.yieldmanager.net/c
127.0.0.1 ad.adperium.com
127.0.0.1 ad.adperium.com/clk
127.0.0.1 www.adperium.com
127.0.0.1 ads.bluelithium.com/clk
127.0.0.1 global.ard.yahoo.com/sig
127.0.0.1 imp.bid.ace.advertising.com
127.0.0.1 counter.awempire.com
127.0.0.1 counter.jasmin.hu

There are 12763 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . :
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-25-D3-F5-34-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-F5-34-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b408:ac07:f452:f2d7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, March 13, 2012 9:31:26 PM
Lease Expires . . . . . . . . . . : Wednesday, March 14, 2012 9:31:25 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301999571
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-2F-D0-B8-E0-CB-4E-67-CB-87
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E0-CB-4E-67-CB-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5D2ABF3E-246F-438F-A250-B1179519108D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:ca4:258d:b7a5:aa25(Preferred)
Link-local IPv6 Address . . . . . : fe80::ca4:258d:b7a5:aa25%29(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.224
74.125.226.230
74.125.226.225
74.125.226.231
74.125.226.232
74.125.226.238
74.125.226.226
74.125.226.229
74.125.226.228
74.125.226.227
74.125.226.233


Pinging google.com [74.125.226.200] with 32 bytes of data:
Reply from 74.125.226.200: bytes=32 time=14ms TTL=55
Reply from 74.125.226.200: bytes=32 time=14ms TTL=55

Ping statistics for 74.125.226.200:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 14ms, Average = 14ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
98.139.127.62


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=71ms TTL=56
Reply from 209.191.122.70: bytes=32 time=70ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 70ms, Maximum = 71ms, Average = 70ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...06 25 d3 f5 34 9f ......Microsoft Virtual WiFi Miniport Adapter
11...00 25 d3 f5 34 9f ......Atheros AR9285 Wireless Network Adapter
10...e0 cb 4e 67 cb 87 ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
29...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
29 58 ::/0 On-link
1 306 ::1/128 On-link
29 58 2001::/32 On-link
29 306 2001:0:4137:9e76:ca4:258d:b7a5:aa25/128
On-link
11 281 fe80::/64 On-link
29 306 fe80::/64 On-link
29 306 fe80::ca4:258d:b7a5:aa25/128
On-link
11 281 fe80::b408:ac07:f452:f2d7/128
On-link
1 306 ff00::/8 On-link
29 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/13/2012 09:45:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x0000c0fb
Faulting process id: 0x16b4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 09:43:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006af9
Faulting process id: 0x1088
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 09:36:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006b44
Faulting process id: 0x730
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 09:35:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006af9
Faulting process id: 0x3e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 09:03:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006b44
Faulting process id: 0x1354
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 09:01:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006b44
Faulting process id: 0x15c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 08:56:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006d6f
Faulting process id: 0x1774
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 08:55:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006f59
Faulting process id: 0x13d0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 08:52:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x0000c3ff
Faulting process id: 0x1028
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (03/13/2012 08:34:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ws2_32.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb4a
Exception code: 0xc0000005
Fault offset: 0x00006f59
Faulting process id: 0x138c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (03/13/2012 09:33:23 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (03/13/2012 09:33:23 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2042022812/

Error: (03/13/2012 09:33:23 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (03/13/2012 09:33:23 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2042022812/

Error: (03/13/2012 09:32:45 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/13/2012 09:31:45 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/13/2012 08:01:07 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (03/13/2012 08:01:07 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2042022812/

Error: (03/13/2012 08:01:07 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (03/13/2012 08:01:07 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2042022812/


Microsoft Office Sessions:
=========================
Error: (03/12/2012 02:34:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/21/2011 02:55:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2498 seconds with 300 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 7.1.4)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.3.0)
Adobe Acrobat 9.3.0 - CPSID_52073
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Ashampoo Burning Studio 9.21 (Version: 9.2.1)
ASUS VIBE (Version: 1.0.187)
ASUSUpdate for Eee PC
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
AXIS Media Control Embedded
Boingo Wi-Fi (Version: 1.7.0048)
BufferChm (Version: 140.0.212.000)
calibre (Version: 0.8.36)
Canon CanoScan LiDE 100 User Registration
Canon MP Navigator EX 2.0
CanoScan LiDE 100 Scanner Driver
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
D110 (Version: 140.0.283.000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
E-Cam (Version: 2.0.2.1)
ebi.BookReader3J (Version: 3.75.14)
Eee Docking 3.6.0 (Version: 3.6.0)
EeeSplendid (Version: 5.1.2.0004)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
FontResizer (Version: 1.01.0007)
GPBaseService2 (Version: 140.0.211.000)
GrabBee (Version: 1.0.7.6)
Hotkey Service (Version: 1.14)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8064.206)
K-Lite Codec Pack 5.5.3 (Full) BETA (Version: 5.5.3)
LiveUpdate (Version: 1.21)
LocaleMe (Version: 1.2)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 140.0.212.000)
Media Player Classic - Home Cinema 1.6.0.4014 (Version: 1.6.0.4014)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (Version: 12.0.6425.1000)
Microsoft Office Language Pack 2007 - French/Français (Version: 12.0.6425.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (Version: 12.0.6425.1000)
Microsoft Office Language Pack 2007 - Italian/Italiano (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office O MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office O MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office O MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office O MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office SharePoint Designer MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Office X MUI (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office X MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office X MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office X MUI (Italian) 2007 (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network (Version: 140.0.215.000)
Octoshape add-in for Adobe Flash Player
OOBERegBackup
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickTransfer (Version: 140.0.98.000)
Ralink RT2860 Wireless LAN Card (Version: 1.2.0.1)
Real Alternative 2.0.2 Lite (Version: 2.0.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5948)
RealUpgrade 1.1 (Version: 1.1.0)
RecordPad Sound Recorder
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
Skype Toolbars (Version: 5.5.7896)
Skype™ 5.5 (Version: 5.5.124)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
SoundTap Streaming Audio Recorder
Status (Version: 140.0.256.000)
Super Hybrid Engine (Version: 2.09)
Switch Sound File Converter
Synaptics Pointing Device Driver (Version: 13.2.6.1)
SystemSetting
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
USB Video/Audio Device Driver (Version: 1.00.0000)
WavePad Sound Editor
WebReg (Version: 140.0.212.017)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Family Safety (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)
WinRAR archiver
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 79%
Total physical RAM: 1015.24 MB
Available physical RAM: 210.86 MB
Total Pagefile: 2039.24 MB
Available Pagefile: 916.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:139.03 GB) (Free:3.55 GB) NTFS

========================= Users: ========================================




**** End of log ****


TDSSKiller



21:55:33.0239 2864 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
21:55:35.0283 2864 ============================================================
21:55:35.0283 2864 Current date / time: 2012/03/13 21:55:35.0283
21:55:35.0283 2864 SystemInfo:
21:55:35.0283 2864
21:55:35.0283 2864 OS Version: 6.1.7600 ServicePack: 0.0
21:55:35.0283 2864 Product type: Workstation
21:55:35.0283 2864 ComputerName:
21:55:35.0283 2864 UserName:
21:55:35.0283 2864 Windows directory: C:\windows
21:55:35.0283 2864 System windows directory: C:\windows
21:55:35.0283 2864 Processor architecture: Intel x86
21:55:35.0283 2864 Number of processors: 2
21:55:35.0283 2864 Page size: 0x1000
21:55:35.0283 2864 Boot type: Normal boot
21:55:35.0283 2864 ============================================================
21:55:37.0732 2864 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:55:37.0732 2864 \Device\Harddisk0\DR0:
21:55:37.0748 2864 MBR used
21:55:37.0748 2864 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x11610800
21:55:37.0904 2864 Initialize success
21:55:37.0904 2864 ============================================================
21:55:50.0961 5688 ============================================================
21:55:50.0961 5688 Scan started
21:55:50.0961 5688 Mode: Manual;
21:55:50.0961 5688 ============================================================
21:56:28.0588 5688 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
21:56:28.0604 5688 RDPENCDD - ok
21:56:28.0760 5688 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
21:56:28.0760 5688 RDPREFMP - ok
21:56:28.0838 5688 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
21:56:28.0853 5688 RDPWD - ok
21:56:28.0994 5688 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
21:56:29.0009 5688 rdyboost - ok
21:56:29.0197 5688 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
21:56:29.0212 5688 RFCOMM - ok
21:56:29.0415 5688 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
21:56:29.0431 5688 rspndr - ok
21:56:29.0680 5688 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\drivers\sbp2port.sys
21:56:29.0696 5688 sbp2port - ok
21:56:29.0821 5688 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
21:56:29.0821 5688 scfilter - ok
21:56:30.0023 5688 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
21:56:30.0039 5688 secdrv - ok
21:56:30.0257 5688 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
21:56:30.0273 5688 Serenum - ok
21:56:30.0445 5688 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
21:56:30.0445 5688 Serial - ok
21:56:30.0569 5688 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
21:56:30.0585 5688 sermouse - ok
21:56:30.0741 5688 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
21:56:30.0757 5688 sffdisk - ok
21:56:30.0819 5688 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
21:56:30.0819 5688 sffp_mmc - ok
21:56:30.0881 5688 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\drivers\sffp_sd.sys
21:56:30.0881 5688 sffp_sd - ok
21:56:30.0991 5688 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
21:56:31.0006 5688 sfloppy - ok
21:56:31.0193 5688 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
21:56:31.0209 5688 sisagp - ok
21:56:31.0318 5688 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
21:56:31.0334 5688 SiSRaid2 - ok
21:56:31.0443 5688 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
21:56:31.0459 5688 SiSRaid4 - ok
21:56:31.0646 5688 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
21:56:31.0661 5688 Smb - ok
21:56:31.0849 5688 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
21:56:31.0864 5688 spldr - ok
21:56:32.0098 5688 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
21:56:32.0114 5688 srv - ok
21:56:32.0176 5688 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
21:56:32.0192 5688 srv2 - ok
21:56:32.0317 5688 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
21:56:32.0332 5688 srvnet - ok
21:56:32.0519 5688 stdriver (8bb19094def583e0eece1830457444ee) C:\windows\system32\DRIVERS\stdriver32.sys
21:56:32.0535 5688 stdriver - ok
21:56:32.0613 5688 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
21:56:32.0613 5688 stexstor - ok
21:56:32.0816 5688 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
21:56:32.0831 5688 swenum - ok
21:56:33.0003 5688 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
21:56:33.0019 5688 SynTP - ok
21:56:33.0284 5688 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\drivers\tcpip.sys
21:56:33.0331 5688 Tcpip - ok
21:56:33.0658 5688 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys
21:56:33.0674 5688 TCPIP6 - ok
21:56:33.0877 5688 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
21:56:33.0908 5688 tcpipreg - ok
21:56:34.0095 5688 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
21:56:34.0111 5688 TDPIPE - ok
21:56:34.0220 5688 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
21:56:34.0220 5688 TDTCP - ok
21:56:34.0360 5688 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
21:56:34.0391 5688 tdx - ok
21:56:34.0516 5688 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\drivers\termdd.sys
21:56:34.0532 5688 TermDD - ok
21:56:34.0735 5688 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
21:56:34.0750 5688 tssecsrv - ok
21:56:34.0937 5688 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
21:56:34.0969 5688 tunnel - ok
21:56:35.0109 5688 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
21:56:35.0125 5688 uagp35 - ok
21:56:35.0249 5688 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
21:56:35.0265 5688 udfs - ok
21:56:35.0468 5688 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
21:56:35.0468 5688 uliagpkx - ok
21:56:35.0686 5688 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\drivers\umbus.sys
21:56:35.0686 5688 umbus - ok
21:56:35.0780 5688 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
21:56:35.0795 5688 UmPass - ok
21:56:36.0029 5688 USB28xxBGA (62e22a4fa518bafef35bdc17bc5b2819) C:\windows\system32\DRIVERS\emBDA.sys
21:56:36.0061 5688 USB28xxBGA - ok
21:56:36.0248 5688 USB28xxOEM (9d055ed70e584df1563b745a7b86de59) C:\windows\system32\DRIVERS\emOEM.sys
21:56:36.0263 5688 USB28xxOEM - ok
21:56:36.0435 5688 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
21:56:36.0435 5688 usbccgp - ok
21:56:36.0544 5688 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
21:56:36.0544 5688 usbcir - ok
21:56:36.0669 5688 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
21:56:36.0685 5688 usbehci - ok
21:56:36.0887 5688 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
21:56:36.0887 5688 usbhub - ok
21:56:37.0012 5688 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
21:56:37.0012 5688 usbohci - ok
21:56:37.0231 5688 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
21:56:37.0246 5688 usbprint - ok
21:56:37.0402 5688 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
21:56:37.0402 5688 usbscan - ok
21:56:37.0543 5688 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\drivers\USBSTOR.SYS
21:56:37.0558 5688 USBSTOR - ok
21:56:37.0714 5688 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
21:56:37.0730 5688 usbuhci - ok
21:56:37.0839 5688 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
21:56:37.0839 5688 usbvideo - ok
21:56:38.0011 5688 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
21:56:38.0026 5688 vdrvroot - ok
21:56:38.0120 5688 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
21:56:38.0135 5688 vga - ok
21:56:38.0213 5688 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
21:56:38.0229 5688 VgaSave - ok
21:56:38.0369 5688 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\drivers\vhdmp.sys
21:56:38.0369 5688 vhdmp - ok
21:56:38.0525 5688 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
21:56:38.0541 5688 viaagp - ok
21:56:38.0697 5688 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
21:56:38.0697 5688 ViaC7 - ok
21:56:38.0869 5688 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
21:56:38.0869 5688 viaide - ok
21:56:39.0056 5688 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\drivers\volmgr.sys
21:56:39.0056 5688 volmgr - ok
21:56:39.0227 5688 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
21:56:39.0243 5688 volmgrx - ok
21:56:39.0446 5688 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\drivers\volsnap.sys
21:56:39.0461 5688 volsnap - ok
21:56:39.0633 5688 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
21:56:39.0649 5688 vsmraid - ok
21:56:39.0898 5688 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
21:56:39.0898 5688 vwifibus - ok
21:56:40.0054 5688 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
21:56:40.0070 5688 vwififlt - ok
21:56:40.0226 5688 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
21:56:40.0241 5688 vwifimp - ok
21:56:40.0319 5688 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
21:56:40.0319 5688 WacomPen - ok
21:56:40.0507 5688 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:56:40.0522 5688 WANARP - ok
21:56:40.0538 5688 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:56:40.0538 5688 Wanarpv6 - ok
21:56:40.0725 5688 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
21:56:40.0741 5688 Wd - ok
21:56:40.0819 5688 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
21:56:40.0834 5688 Wdf01000 - ok
21:56:41.0053 5688 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
21:56:41.0068 5688 WfpLwf - ok
21:56:41.0131 5688 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
21:56:41.0146 5688 WIMMount - ok
21:56:41.0365 5688 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
21:56:41.0380 5688 WinUsb - ok
21:56:41.0489 5688 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
21:56:41.0521 5688 WmiAcpi - ok
21:56:41.0708 5688 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
21:56:41.0723 5688 ws2ifsl - ok
21:56:41.0817 5688 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
21:56:41.0833 5688 WSDPrintDevice - ok
21:56:41.0973 5688 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
21:56:41.0989 5688 WudfPf - ok
21:56:42.0067 5688 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
21:56:42.0098 5688 WUDFRd - ok
21:56:42.0207 5688 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:56:42.0269 5688 \Device\Harddisk0\DR0 - ok
21:56:42.0285 5688 Boot (0x1200) (ddc7dac6645ba0f136e2867a62ca5f90) \Device\Harddisk0\DR0\Partition0
21:56:42.0301 5688 \Device\Harddisk0\DR0\Partition0 - ok
21:56:42.0301 5688 ============================================================
21:56:42.0301 5688 Scan finished
21:56:42.0301 5688 ============================================================
21:56:42.0347 2748 Detected object count: 0
21:56:42.0347 2748 Actual detected object count: 0



THIS DID NOT REQUIRE A REBOOT.



===

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/14/2012 at 02:19 AM

Application Version : 5.0.1146

Core Rules Database Version : 8333
Trace Rules Database Version: 6145

Scan type : Complete Scan
Total Scan Time : 04:08:59

Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC Off - Administrator

Memory items scanned : 622
Memory threats detected : 0
Registry items scanned : 35222
Registry threats detected : 1
File items scanned : 162246
File threats detected : 72

Malware.Trace
HKU\S-1-5-21-1457238553-2638413587-3634725375-1001\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Adware.Tracking Cookie
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@pointroll[2].txt [ Cookie:Computer-User@pointroll.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@server.iad.liveperson[1].txt [ Cookie:Computer-User@server.iad.liveperson.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@atdmt[2].txt [ Cookie:Computer-User@atdmt.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@liveperson[1].txt [ Cookie:Computer-User@liveperson.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@content.yieldmanager[3].txt [ Cookie:Computer-User@content.yieldmanager.com/ak/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@yieldmanager[1].txt [ Cookie:Computer-User@yieldmanager.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@doubleclick[1].txt [ Cookie:Computer-User@doubleclick.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@avgtechnologies.112.2o7[1].txt [ Cookie:Computer-User@avgtechnologies.112.2o7.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@imrworldwide[2].txt [ Cookie:Computer-User@imrworldwide.com/cgi-bin ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@revsci[1].txt [ Cookie:Computer-User@revsci.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@apmebf[1].txt [ Cookie:Computer-User@apmebf.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@2o7[2].txt [ Cookie:Computer-User@2o7.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@invitemedia[1].txt [ Cookie:Computer-User@invitemedia.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@insightexpressai[2].txt [ Cookie:Computer-User@insightexpressai.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@trafficmp[1].txt [ Cookie:Computer-User@trafficmp.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Computer-User@ad.yieldmanager[1].txt [ Cookie:Computer-User@ad.yieldmanager.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\94D23WH1.txt [ Cookie:Computer-User@interclick.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@pointroll[2].txt [ Cookie:Computer-User@pointroll.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@burstbeacon[1].txt [ Cookie:Computer-User@burstbeacon.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@atdmt[1].txt [ Cookie:Computer-User@atdmt.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@www.burstbeacon[2].txt [ Cookie:Computer-User@www.burstbeacon.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@content.yieldmanager[3].txt [ Cookie:Computer-User@content.yieldmanager.com/ak/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@doubleclick[1].txt [ Cookie:Computer-User@doubleclick.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@avgtechnologies.112.2o7[1].txt [ Cookie:Computer-User@avgtechnologies.112.2o7.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@revsci[1].txt [ Cookie:Computer-User@revsci.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@apmebf[1].txt [ Cookie:Computer-User@apmebf.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:Computer-User@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@burstnet[2].txt [ Cookie:Computer-User@burstnet.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@invitemedia[1].txt [ Cookie:Computer-User@invitemedia.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@insightexpressai[1].txt [ Cookie:Computer-User@insightexpressai.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@trafficmp[2].txt [ Cookie:Computer-User@trafficmp.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@ad.yieldmanager[1].txt [ Cookie:Computer-User@ad.yieldmanager.com/ ]
C:\USERS\Computer-User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Computer-User@interclick[2].txt [ Cookie:Computer-User@interclick.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@pointroll[2].txt [ Cookie:Computer-User@pointroll.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@server.iad.liveperson[1].txt [ Cookie:Computer-User@server.iad.liveperson.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@atdmt[2].txt [ Cookie:Computer-User@atdmt.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@liveperson[1].txt [ Cookie:Computer-User@liveperson.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@content.yieldmanager[3].txt [ Cookie:Computer-User@content.yieldmanager.com/ak/ ]
C:\USERS\Computer-User\Cookies\Computer-User@yieldmanager[1].txt [ Cookie:Computer-User@yieldmanager.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@doubleclick[1].txt [ Cookie:Computer-User@doubleclick.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@avgtechnologies.112.2o7[1].txt [ Cookie:Computer-User@avgtechnologies.112.2o7.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@imrworldwide[2].txt [ Cookie:Computer-User@imrworldwide.com/cgi-bin ]
C:\USERS\Computer-User\Cookies\Computer-User@revsci[1].txt [ Cookie:Computer-User@revsci.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@apmebf[1].txt [ Cookie:Computer-User@apmebf.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@2o7[2].txt [ Cookie:Computer-User@2o7.net/ ]
C:\USERS\Computer-User\Cookies\Computer-User@invitemedia[1].txt [ Cookie:Computer-User@invitemedia.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@insightexpressai[2].txt [ Cookie:Computer-User@insightexpressai.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@trafficmp[1].txt [ Cookie:Computer-User@trafficmp.com/ ]
C:\USERS\Computer-User\Cookies\Computer-User@ad.yieldmanager[1].txt [ Cookie:Computer-User@ad.yieldmanager.com/ ]
C:\USERS\Computer-User\Cookies\94D23WH1.txt [ Cookie:Computer-User@interclick.com/ ]
ia.media-imdb.com [ C:\USERS\Computer-User\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J7J99ZE5 ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@AD.WSOD[2].TXT [ /AD.WSOD ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@ADS.CNN[1].TXT [ /ADS.CNN ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@ADS.POINTROLL[1].TXT [ /ADS.POINTROLL ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@LIVEPERSON[3].TXT [ /LIVEPERSON ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Computer-User@WWW6.ADDFREESTATS[1].TXT [ /WWW6.ADDFREESTATS ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@AD.WSOD[2].TXT [ /AD.WSOD ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@ADS.POINTROLL[1].TXT [ /ADS.POINTROLL ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@OVERTURE[1].TXT [ /OVERTURE ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@TRIBALFUSION[2].TXT [ /TRIBALFUSION ]
C:\USERS\Computer-User\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Computer-User@WWW.BURSTNET[2].TXT [ /WWW.BURSTNET ]
click.searchnation.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\P3N7AFSC ]
content.oddcast.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\P3N7AFSC ]

Heur.Agent/Gen-WhiteBox
C:\USERS\Computer-User\DOWNLOADS\GET_IPLAYER_SETUP_LATEST.EXE

===


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.14.01

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Computer-User-User :: Computer-User-PC [administrator]

3/14/2012 2:50:38 AM
mbam-log-2012-03-14 (02-50-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215596
Time elapsed: 25 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



===

#5 boopme


Posted 14 March 2012 - 10:57 AM

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

#6 liverwort23


Posted 17 March 2012 - 11:19 PM

I ran the hosts fix it as you suggested. My computer is still infected, running VERY slowly and Google searches still hijacked. I'm so sad that my AVG, which I pay for, let this evil thing through in the first place. This is reminding me of a virus I got on a different computer a few years ago. Ran all sorts of anti-V programs which found stuff, said they got rid of them, and in the end it just kept returning. Do you have any other suggestions? Is there anything else that I can do with any real hope of getting rid of this, or am I looking at having to reinstall Windows from the ground up? Any help or suggestions you can give me will be deeply appreciated. (Sorry it's taken me days to respond to your last one. My work keeps me insanely busy and thankfully I have another old laptop that's fine which I use since my trusty netbook is infected.)

#7 boopme


Posted 18 March 2012 - 01:19 PM

We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run, skip it and move on.

Let me know if that went well.