Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus security pro


  • This topic is locked This topic is locked
23 replies to this topic

#1 storefrontbill

storefrontbill

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 27 October 2013 - 10:19 PM

I have the virus antivirus security pro on my computer.  I read how to take it out but the virus will not allow me in safe mode.  It will kick me out of safe mode and take me right to windows.  How do I keep from getting kicked out of safe mode or what is my next step?

 

Thanks



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 28 October 2013 - 12:49 AM


Hello storefrontbill

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe or e:\frst.exe and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • First Press the Scan button.
  • It will make a log (FRST.txt)
I want you to poste the FRST.txt report into your reply to me

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 30 October 2013 - 06:51 PM

I cannot go to safe mode. It will automatically kick me out. If I go to windows it will not let me do anything. Everything you have asked me to do I can't do because it won't let me. How do I get so that I can work in safe mode

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 30 October 2013 - 08:23 PM

Hello

That is not safe mode, What operating system are you using - lets start with that


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 31 October 2013 - 01:11 PM

Gringo

It is windows XP home edition

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 31 October 2013 - 08:14 PM

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Remove the USB drive and insert it back in your working computer and navigate to report.txt

    Please note - all text entries are case sensitive
Copy and paste the report.txt for my review
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 01 November 2013 - 05:25 PM

I hope this is what you are looking for.  this is how it came across.

 

Fri Nov 1 14:15:48 UTC 2013
Driver report for /mnt/sda2/WINDOWS/system32/drivers
940d50c4c2cbeedb1bd1150b01344869 USBkey.sys has NO Company Name!

9859c0f6936e723e4892d7141b1327d5  acpiec.sys
Microsoft Corporation

15634a4d4371423ad438b93ee0519cb8  acpi.sys
Microsoft Corporation

11c04b17ed2abbb4833694bcd644ac90  aeaudio.sys
Andrea Electronics Corporation

8bed39e3c35d6a489438b8141717a557  aec.sys
Microsoft Corporation

e5d9213212ed08dc5f985049f7c68c09  afd.sys
Microsoft Corporation

1961590aa191b6b7dcf18a6a693af7b8  AFGSp50.sys
tH`FVS_VERSION_INFO?bStringFileInfoB|.CompanyNamePrintingCommunicationsAssoc.,Inc.(PCAUSA)p$FileDescriptionPCAUSANDIS.SPRProtocolDrivernFileVersion...bInternalNamePCASp.SYSDLegalCopyrightCopyright-PrintingCommunicationsAssoc.,Inc.(PCAUSA)@bOriginalFilenamePCASp.SYSXProductNamePCAUSARawetherforWindowsnProductVersion...DVarFileInfo$Translationt

a42abfaee59a1dc0e47014e7b5d76ad6  agp440.sys
Microsoft Corporation

5bca168ae64cf68e71136313dab99533  agpcpq.sys
Microsoft Corporation

044af10f3fb5a284b8dbdbb28084ca14  alim1541.sys
Microsoft Corporation

6f49c51fa7db9aa37472f72b25a88598  amdagp.sys
Advanced Micro Devices

59d395f727b90f118a9119143107de16  amdk6.sys
Microsoft Corporation

1f4bb35aa965e1310ad45b64c23845a7  amdk7.sys
Microsoft Corporation

135e26db492bf04084efcb0bb4ad3117  arp1394.sys
Microsoft Corporation

0d4681f78a20b50d691a4f3c9f75eb41  asyncmac.sys
Microsoft Corporation

335bb30ed68cf3dc0ee2bddb438b6a9b  atapi.sys
Microsoft Corporation

d649c57da6fa762c64013747e5d7d2d6  ati1btxx.sys
ATI Technologies

60b6aa2dc1521da343f781b70eb7895a  ati1mdxx.sys
ATI Technologies

6fdc61e8e8e17f6ecc2d9a10fa8df347  ati1pdxx.sys
ATI Technologies

9d318099bf3876a4af4bc75966d27603  ati1raxx.sys
ATI Technologies

bcaf267b10620f8c93f6e87ab726e145  ati1rvxx.sys
ATI Technologies

dac7d785cf62f5bd41441e9d6f5a6efe  ati1snxx.sys
ATI Technologies

f7706dae7d101f1b19ce552d772ebfce  ati1ttxx.sys
ATI Technologies

6f714b4720dd80ffa9f8d2731594ea4c  ati1tuxx.sys
ATI Technologies

67ffbc158dd4d27ba3fc92c6acd87f73  ati1xbxx.sys
ATI Technologies

0d8cab1f08f7d3c4de228b49e12e596a  ati1xsxx.sys
ATI Technologies

2d030c2f6b036ca0bc243e1b16d924d1  ati2mtaa.sys
ATI Technologies

8759322ffc1a50569c1e5528ee8026b7  ati2mtag.sys
ATI Technologies

993e7bd6438fe989e328c6b4bca246a9  atinbtxx.sys
ATI Technologies

ed4c2bf8403f4437987c0ba09cf48716  atinmdxx.sys
ATI Technologies

e90ac2b14e98f1a4372e5891b4278784  atinpdxx.sys
ATI Technologies

da36687d701c833430605a298731410b  atinraxx.sys
ATI Technologies

a7a01b907db63898d40b0a14248ff9a2  atinrvxx.sys
ATI Technologies

ceddee2e0591894d19654d458fd3b9be  atinsnxx.sys
ATI Technologies

d80a8f6c0a717446496c3a06d33b0d9c  atinttxx.sys
ATI Technologies

edd66332608d27f4fd5069bcd0bc5164  atintuxx.sys
ATI Technologies

3e7d485cbd0b0d9f6ea2ad9442411831  atinxbxx.sys
ATI Technologies

77b575d7aab35d5908ae6ce681608d62  atinxsxx.sys
ATI Technologies

ecf89e5bd58e3a3cc2e7db0f0d9f6c6c  atmarpc.sys
Microsoft Corporation

39a0a59180f19946374275745b21aeba  atmepvc.sys
Microsoft Corporation

a8b509e83dad734004810aae9cd20e11  atmlane.sys
Microsoft Corporation

e7ef69b38d17ba01f914ae8f66216a38  atmuni.sys
Microsoft Corporation

d9f724aa26c010a217c97606b160ed68  audstub.sys
Microsoft Corporation

b8c187439d27aba430dd69fdcf1fa657  avgldx86.sys
9859c0f6936e723e4892d7141b1327d5  acpiec.sys
Microsoft Corporation

15634a4d4371423ad438b93ee0519cb8  acpi.sys
AVG Technologies

53b3f979930a786a614d29cafe99f645  avgmfx86.sys
AVG Technologies

9a7a93388f503a34e7339ae7f9997449  avgtdix.sys
Microsoft Corporation

11c04b17ed2abbb4833694bcd644ac90  aeaudio.sys
Andrea Electronics Corporation

8bed39e3c35d6a489438b8141717a557  aec.sys
Microsoft Corporation

e5d9213212ed08dc5f985049f7c68c09  afd.sys
AVG Technologies

da1f27d85e0d1525f6621372e7b685e9  beep.sys
Microsoft Corporation

7a5559fe80e2dcb62059dc648dbe5bf5  bridge.sys
Microsoft Corporation

1961590aa191b6b7dcf18a6a693af7b8  AFGSp50.sys
tH`FVS_VERSION_INFO?bStringFileInfoB|.CompanyNamePrintingCommunicationsAssoc.,Inc.(PCAUSA)p$FileDescriptionPCAUSANDIS.SPRProtocolDrivernFileVersion...bInternalNamePCASp.SYSDLegalCopyrightCopyright-PrintingCommunicationsAssoc.,Inc.(PCAUSA)@bOriginalFilenamePCASp.SYSXProductNamePCAUSARawetherforWindowsnProductVersion...DVarFileInfo$Translationt

a42abfaee59a1dc0e47014e7b5d76ad6  agp440.sys
Microsoft Corporation

94b18b93f50a80bff064fc1ad8a22c83  bthenum.sys
Microsoft Corporation

3921bed963d7b6c36ccfb758bfa96057  bthmodem.sys
Microsoft Corporation

5bca168ae64cf68e71136313dab99533  agpcpq.sys
Microsoft Corporation

531a63062e8e292c46f3c0c0f6a91c31  bthpan.sys
Microsoft Corporation

044af10f3fb5a284b8dbdbb28084ca14  alim1541.sys
Microsoft Corporation

6f49c51fa7db9aa37472f72b25a88598  amdagp.sys
Microsoft Corporation

2c8ccaf9e22cfe845bf1e6ce702e9e7b  bthport.sys
Advanced Micro Devices

59d395f727b90f118a9119143107de16  amdk6.sys
Microsoft Corporation

1f4bb35aa965e1310ad45b64c23845a7  amdk7.sys
Microsoft Corporation

135e26db492bf04084efcb0bb4ad3117  arp1394.sys
Microsoft Corporation

0d4681f78a20b50d691a4f3c9f75eb41  asyncmac.sys
Microsoft Corporation

335bb30ed68cf3dc0ee2bddb438b6a9b  atapi.sys
Microsoft Corporation

d649c57da6fa762c64013747e5d7d2d6  ati1btxx.sys
Microsoft Corporation

b5671e6613651c9a3ec412bb1f60bff4  bthprint.sys
Microsoft Corporation

3f04d4479303a9f1fbda5a18f7c8d0aa  bthusb.sys
ATI Technologies

60b6aa2dc1521da343f781b70eb7895a  ati1mdxx.sys
Microsoft Corporation

90a673fc8e12a79afbed2576f6a7aaf9  cbidf2k.sys
ATI Technologies

6fdc61e8e8e17f6ecc2d9a10fa8df347  ati1pdxx.sys
Microsoft Corporation

c1b486a7658353d33a10cc15211a873b  cdaudio.sys
ATI Technologies

9d318099bf3876a4af4bc75966d27603  ati1raxx.sys
Microsoft Corporation

b7b2efd695bb6e937eb3e5b5465b6f47  cdfs.sys
ATI Technologies

bcaf267b10620f8c93f6e87ab726e145  ati1rvxx.sys
Microsoft Corporation

bf79e659c506674c0497cc9c61f1a165  cdr4_xp.sys
Sonic Solutions

2c41cd49d82d5fd85c72d57b6ca25471  cdralw2k.sys
ATI Technologies

dac7d785cf62f5bd41441e9d6f5a6efe  ati1snxx.sys
Sonic Solutions

1f29616b1fc4d66a988cf97531bcf729  cdrom.sys
ATI Technologies

f7706dae7d101f1b19ce552d772ebfce  ati1ttxx.sys
ATI Technologies

6f714b4720dd80ffa9f8d2731594ea4c  ati1tuxx.sys
Microsoft Corporation

84853b3fd012251690570e9e7e43343f  cercsr6.sys
ATI Technologies

67ffbc158dd4d27ba3fc92c6acd87f73  ati1xbxx.sys
Adaptec

b562592b7f5759c99e179ca467ecfb4c  cinemst2.sys
ATI Technologies

0d8cab1f08f7d3c4de228b49e12e596a  ati1xsxx.sys
ATI Technologies

2d030c2f6b036ca0bc243e1b16d924d1  ati2mtaa.sys
Ravisent Technologies

b2b2e2c75acee21396ad584266733662  classpnp.sys
Microsoft Corporation

9624293e55ad405415862b504ca95b73  cpqdap01.sys
Compaq Computer Corp

8f304540b219f6ee8a4993038f8ab16e  crusoe.sys
Microsoft Corporation

734bbe7c66e6fd6047a1bd29b9343b30  dc3d.sys
Microsoft Corporation

96c25c84d31f3569e579baa434a85174  dfg.sys
tH`VS_VERSION_INFO?StringFileInfobPCompanyNamedefragDevelopmentTeamDFileDescriptiondefragDrivervFileVersion,,,(InternalNamedfgFLegalCopyrightCopyrightbOriginalFilenamedfg.sys.aProductNamedefrag:vProductVersion,,,DVarFileInfo$Translationt*

e5a9120638aa13b6c9bb2dde03dd1a6f  diskdump.sys
Microsoft Corporation
ATI Technologies

023712144c69e60fcb662cda2715bf16  disk.sys
8759322ffc1a50569c1e5528ee8026b7  ati2mtag.sys
Microsoft Corporation

1e5c89a65465f6d9674898eb4989cb86  dmboot.sys
Microsoft Corp

6cf151f832ec417ffaf68f20ed7d39fb  dmio.sys
Microsoft Corp

e9317282a63ca4d188c0df5e09c6ac5f  dmload.sys
Microsoft Corp

c561840c22148f5affb659d547efdbb0  dmusic.sys
Microsoft Corporation

c13ee685aa1a8950146f7f968eb090bd  drmkaud.sys
Microsoft Corporation

52de70853d430db942bee7b04fbf29dd  drmk.sys
Microsoft Corporation

f8918c6b6e5f756db20a8b8c42b5a0ac  dumpdrv.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87  dxapi.sys
Microsoft Corporation

21d59843d394e33076d13940bb28b650  dxg.sys
Microsoft Corporation

a73f5d6705b1d820c19b18782e176efd  dxgthk.sys
Microsoft Corporation

98b46b331404a951cabad8b4877e1276  e100b325.sys
ATI Technologies

993e7bd6438fe989e328c6b4bca246a9  atinbtxx.sys
ATI Technologies

ed4c2bf8403f4437987c0ba09cf48716  atinmdxx.sys
ATI Technologies

e90ac2b14e98f1a4372e5891b4278784  atinpdxx.sys
ATI Technologies

da36687d701c833430605a298731410b  atinraxx.sys
Intel Corporation

f696cf49c72f50ea0c1038c2daa98a00  fastfat.sys
ATI Technologies

a7a01b907db63898d40b0a14248ff9a2  atinrvxx.sys
ATI Technologies

ceddee2e0591894d19654d458fd3b9be  atinsnxx.sys
Microsoft Corporation

650fa0d37498f9e2b201a09dbca0b85b  fdc.sys
ATI Technologies

Microsoft Corporation

d80a8f6c0a717446496c3a06d33b0d9c  atinttxx.sys
74947fd2d6a9151c0bb9c72bdaf0e894  fips.sys
ATI Technologies

edd66332608d27f4fd5069bcd0bc5164  atintuxx.sys
Microsoft Corporation

3b8607a2bf5aec3dab18cf3612c07c1d  flpydisk.sys
Microsoft Corporation

87ec219a7ae5553144e2086d2d7daa8a  fltmgr.sys
ATI Technologies

3e7d485cbd0b0d9f6ea2ad9442411831  atinxbxx.sys
ATI Technologies

77b575d7aab35d5908ae6ce681608d62  atinxsxx.sys
ATI Technologies

ecf89e5bd58e3a3cc2e7db0f0d9f6c6c  atmarpc.sys
Microsoft Corporation

3e1e2bd4f39b0e2b7dc4f4d2bcc2779a  fs_rec.sys
Microsoft Corporation

455f778ee14368468560bd7cb8c854d0  fsvga.sys
Microsoft Corporation

6ac26732762483366c3969c9e4d2259d  ftdisk.sys
Microsoft Corporation

39a0a59180f19946374275745b21aeba  atmepvc.sys
Microsoft Corporation

a8b509e83dad734004810aae9cd20e11  atmlane.sys
Microsoft Corporation

e7ef69b38d17ba01f914ae8f66216a38  atmuni.sys
Microsoft Corporation

601509b647422d641cc1a61c3e48def4  gagp30kx.sys
Microsoft Corporation

7e3a6df46d3f28e1f56f3768796aba93  hidbth.sys
Microsoft Corporation

d0e0698cc89c254ea6524a4c37139b5f  hidclass.sys
Microsoft Corporation

58d92bcbc411dfedb80c5a66c74c1e19  hidir.sys
Microsoft Corporation

12a08a287b78cf33c472f3a6b8a971f6  hidparse.sys
Microsoft Corporation

5f845228561e9545edc6f9ebfa15d338  hidusb.sys
Microsoft Corporation

d03d10f7ded688fecf50f8fbf1ea9b8a  HPZid412.sys
HP

89f41658929393487b6b7d13c8528ce3  HPZipr12.sys
HP
Microsoft Corporation

d9f724aa26c010a217c97606b160ed68  audstub.sys
abcb05ccdbf03000354b9553820e39f8  HPZius12.sys
Microsoft Corporation

b8c187439d27aba430dd69fdcf1fa657  avgldx86.sys
HP

970178e8e003eb1481293830069624b9  hsfbs2s2.sys
Conexant

1225ebea76aac3c84df6c54fe5e5d8be  hsfcxts2.sys
AVG Technologies

53b3f979930a786a614d29cafe99f645  avgmfx86.sys
AVG Technologies

9a7a93388f503a34e7339ae7f9997449  avgtdix.sys
AVG Technologies

da1f27d85e0d1525f6621372e7b685e9  beep.sys
Microsoft Corporation

7a5559fe80e2dcb62059dc648dbe5bf5  bridge.sys
Conexant

Microsoft Corporation
ebb354438a4c5a3327fb97306260714a  hsfdpsp2.sys

94b18b93f50a80bff064fc1ad8a22c83  bthenum.sys
Microsoft Corporation

3921bed963d7b6c36ccfb758bfa96057  bthmodem.sys
Microsoft Corporation

531a63062e8e292c46f3c0c0f6a91c31  bthpan.sys
Microsoft Corporation

2c8ccaf9e22cfe845bf1e6ce702e9e7b  bthport.sys
Microsoft Corporation

b5671e6613651c9a3ec412bb1f60bff4  bthprint.sys
Microsoft Corporation

3f04d4479303a9f1fbda5a18f7c8d0aa  bthusb.sys
Microsoft Corporation

90a673fc8e12a79afbed2576f6a7aaf9  cbidf2k.sys
Microsoft Corporation

c1b486a7658353d33a10cc15211a873b  cdaudio.sys
Microsoft Corporation

b7b2efd695bb6e937eb3e5b5465b6f47  cdfs.sys
Microsoft Corporation

bf79e659c506674c0497cc9c61f1a165  cdr4_xp.sys
Sonic Solutions

2c41cd49d82d5fd85c72d57b6ca25471  cdralw2k.sys
Sonic Solutions

1f29616b1fc4d66a988cf97531bcf729  cdrom.sys
Microsoft Corporation

84853b3fd012251690570e9e7e43343f  cercsr6.sys
Adaptec

b562592b7f5759c99e179ca467ecfb4c  cinemst2.sys
Conexant

681afd0f5d6a12be948181b11a7f80a6  http.sys
Ravisent Technologies

b2b2e2c75acee21396ad584266733662  classpnp.sys
Microsoft Corporation

Microsoft Corporation

30abe7000df369d8b1c4174429260aad  i8042prt.sys
9624293e55ad405415862b504ca95b73  cpqdap01.sys
Compaq Computer Corp

8f304540b219f6ee8a4993038f8ab16e  crusoe.sys
Microsoft Corporation

734bbe7c66e6fd6047a1bd29b9343b30  dc3d.sys
Microsoft Corporation

96c25c84d31f3569e579baa434a85174  dfg.sys
tH`VS_VERSION_INFO?StringFileInfobPCompanyNamedefragDevelopmentTeamDFileDescriptiondefragDrivervFileVersion,,,(InternalNamedfgFLegalCopyrightCopyrightbOriginalFilenamedfg.sys.aProductNamedefrag:vProductVersion,,,DVarFileInfo$Translationt*

e5a9120638aa13b6c9bb2dde03dd1a6f  diskdump.sys
Microsoft Corporation

023712144c69e60fcb662cda2715bf16  disk.sys
Microsoft Corporation

1e5c89a65465f6d9674898eb4989cb86  dmboot.sys
Microsoft Corporation

0acebb31989cbf9a5663fe4a33d28d21  ialmnt5.sys
Microsoft Corp

6cf151f832ec417ffaf68f20ed7d39fb  dmio.sys
Microsoft Corp

e9317282a63ca4d188c0df5e09c6ac5f  dmload.sys
Microsoft Corp

c561840c22148f5affb659d547efdbb0  dmusic.sys
Microsoft Corporation

c13ee685aa1a8950146f7f968eb090bd  drmkaud.sys
Microsoft Corporation

52de70853d430db942bee7b04fbf29dd  drmk.sys
Microsoft Corporation

f8918c6b6e5f756db20a8b8c42b5a0ac  dumpdrv.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87  dxapi.sys
Microsoft Corporation

21d59843d394e33076d13940bb28b650  dxg.sys
Microsoft Corporation

a73f5d6705b1d820c19b18782e176efd  dxgthk.sys
Microsoft Corporation

98b46b331404a951cabad8b4877e1276  e100b325.sys
Intel Corporation

f696cf49c72f50ea0c1038c2daa98a00  fastfat.sys
Intel Corporation

e32bf30d20b5c162775f9a3451e87b67  imapi.sys
Microsoft Corporation

650fa0d37498f9e2b201a09dbca0b85b  fdc.sys
Microsoft Corporation

f019c4688b8f36c2fd6eb1743d0898d6  intelide.sys
Microsoft Corporation

74947fd2d6a9151c0bb9c72bdaf0e894  fips.sys
Microsoft Corporation

b3731ca1bdb32f83c817263646c31c15  intelppm.sys
Microsoft Corporation

3b8607a2bf5aec3dab18cf3612c07c1d  flpydisk.sys
Microsoft Corporation

ef9bb587e33c2c245b5b83e882501ff6  ip6fw.sys
Microsoft Corporation

87ec219a7ae5553144e2086d2d7daa8a  fltmgr.sys
Microsoft Corporation

731f22ba402ee4b62748adaf6363c182  ipfltdrv.sys
Microsoft Corporation

30aba7a3f81e4b76c963cd6caa23cb49  ipinip.sys
Microsoft Corporation

eeb5787bd1445c8dc592f40691781774  ipnat.sys
Microsoft Corporation

3e1e2bd4f39b0e2b7dc4f4d2bcc2779a  fs_rec.sys
Microsoft Corporation

455f778ee14368468560bd7cb8c854d0  fsvga.sys
Microsoft Corporation

6ac26732762483366c3969c9e4d2259d  ftdisk.sys
Microsoft Corporation

bfea19daff955239a16a80c3cdf64fbe  ipsec.sys
Microsoft Corporation

64e28d94089cff1c3c77f02f99ffac3f  irenum.sys
Microsoft Corporation

81a40a1118265dfc09c036f7776ebcc0  isapnp.sys
Microsoft Corporation

601509b647422d641cc1a61c3e48def4  gagp30kx.sys
Microsoft Corporation

4ff969b48f320f6ce0b07247069c4c22  kbdclass.sys
Microsoft Corporation

7e3a6df46d3f28e1f56f3768796aba93  hidbth.sys
Microsoft Corporation

0cded60b750cb5023e901f1fe4e15556  kbdhid.sys
Microsoft Corporation

d0e0698cc89c254ea6524a4c37139b5f  hidclass.sys
Microsoft Corporation

55e8d7039254728e9f071118184ff53b  kmixer.sys
Microsoft Corporation

58d92bcbc411dfedb80c5a66c74c1e19  hidir.sys
Microsoft Corporation

12a08a287b78cf33c472f3a6b8a971f6  hidparse.sys
Microsoft Corporation

5f845228561e9545edc6f9ebfa15d338  hidusb.sys
Microsoft Corporation

d03d10f7ded688fecf50f8fbf1ea9b8a  HPZid412.sys
HP

89f41658929393487b6b7d13c8528ce3  HPZipr12.sys
HP

Microsoft Corporation

abcb05ccdbf03000354b9553820e39f8  HPZius12.sys
23ea4c1a4ca28fd766ed2d3a5beaee3f  ksecdd.sys
HP

970178e8e003eb1481293830069624b9  hsfbs2s2.sys
Microsoft Corporation

b22b731579953321fee58914f568e17b  ks.sys
Conexant

1225ebea76aac3c84df6c54fe5e5d8be  hsfcxts2.sys
Microsoft Corporation

4470e3c1e0c3378e4cab137893c12c3a  mbam.sys
Malwarebytes Corporation

d1f8be91ed4ddb671d42e473e3fe71ab  mcd.sys
Microsoft Corporation

195741aee20369980796b557358cd774  mdmxsdk.sys
Conexant

9f682ff15efa5187f306d7dd66ee9a7c  mf.sys
Microsoft Corporation

4ae068242760a1fb6e1a44bf4e16afa6  mnmdd.sys
Microsoft Corporation

add0bb36498e4da9b1b6a3e201b60a18  modem.sys
Microsoft Corporation

78833e368ada63bcbc95d79ff3c04de0  monblanking.sys
tH`XXVS_VERSION_INFO?baStringFileInfoBJCompanyNameCitrixSystems,Inc.FileDescriptionCitrixHDXDforProGraphicsMonitorBlankingDrivertFileVersion...bInternalNamemonblankingv)LegalCopyrightCopyright-CitrixSystems,Inc.HOriginalFilenamemonblanking.sys@ProductNameCitrixICAHost,ProductVersion.DVarFileInfo$Translationt*

e70558b84cb0cb9c739cc48ead2a4323  mouclass.sys
Microsoft Corporation

b1c303e17fb9d46e87a98e4ba6769685  mouhid.sys
Microsoft Corporation

07be8cafd246a7dfb7fd4a387e936e92  mountmgr.sys
Microsoft Corporation

ac816eff53bca79369f0b8643165368c  mrxdav.sys
Conexant

ebb354438a4c5a3327fb97306260714a  hsfdpsp2.sys
Microsoft Corporation

73484c0377fefa76a4ddd48112ec93a3  mrxsmb.sys
Microsoft Corporation

4d563545581e72c477ab00741b119853  msfs.sys
Microsoft Corporation

9479c26a5691ccea495e2438ef11c948  msgpc.sys
Microsoft Corporation

b16206732e541c04c1860d84447ef5bf  mskssrv.sys
Microsoft Corporation

bd33cfa58c156cbd5419a87c3a4cd0b2  mspclock.sys
Microsoft Corporation

a7ec2f88fae0f03252a60950660cc3e1  mspqm.sys
Microsoft Corporation

f41814fd8811b2ba2a43a79aa8cce82a  mssmbios.sys
Microsoft Corporation

c53775780148884ac87c455489a0c070  mtlmnt5.sys
Smart Link

54886a652bf5685192141df304e923fd  mtlstrm.sys
Conexant

681afd0f5d6a12be948181b11a7f80a6  http.sys
Microsoft Corporation

30abe7000df369d8b1c4174429260aad  i8042prt.sys
Microsoft Corporation

0acebb31989cbf9a5663fe4a33d28d21  ialmnt5.sys
Smart Link

6dda78a0be692b61b668fab860f276cf  mtxparhm.sys
Intel Corporation

e32bf30d20b5c162775f9a3451e87b67  imapi.sys
Microsoft Corporation

f019c4688b8f36c2fd6eb1743d0898d6  intelide.sys
Microsoft Corporation

b3731ca1bdb32f83c817263646c31c15  intelppm.sys
Matrox Graphics

2bb00d68cc9fbda1ee3d9bab9e4fd620  mup.sys
Microsoft Corporation

ef9bb587e33c2c245b5b83e882501ff6  ip6fw.sys
Microsoft Corporation

731f22ba402ee4b62748adaf6363c182  ipfltdrv.sys
Microsoft Corporation

30aba7a3f81e4b76c963cd6caa23cb49  ipinip.sys
Microsoft Corporation

0cce5960bcae1135317428637521948b  mutohpen.sys
Microsoft Corporation

eeb5787bd1445c8dc592f40691781774  ipnat.sys
Microsoft Corporation

d1b364f049eb84a883c8a45d3b92ff3b  ndis.sys
Microsoft Corporation

bfea19daff955239a16a80c3cdf64fbe  ipsec.sys
Microsoft Corporation

7d0d0f2bf199c2df0a9d1b01406168ac  ndistapi.sys
Microsoft Corporation

64e28d94089cff1c3c77f02f99ffac3f  irenum.sys
Microsoft Corporation

e8969046dc350ecd1e9209dfe341c170  ndisuio.sys
Microsoft Corporation

81a40a1118265dfc09c036f7776ebcc0  isapnp.sys
Microsoft Corporation

266fded9836490ff227ad13e677ba4fb  ndiswan.sys
Microsoft Corporation

4ff969b48f320f6ce0b07247069c4c22  kbdclass.sys
Microsoft Corporation

0cded60b750cb5023e901f1fe4e15556  kbdhid.sys
Microsoft Corporation

55e8d7039254728e9f071118184ff53b  kmixer.sys
Microsoft Corporation

5aa58d218431c79e36a4878f18414637  ndproxy.sys
Microsoft Corporation

c70b403d8158e11bf0d43d5b153cbe6b  netbios.sys
Microsoft Corporation

c181e1f7a2a251b7af6352dcbd8457f3  netbt.sys
Microsoft Corporation

23ea4c1a4ca28fd766ed2d3a5beaee3f  ksecdd.sys
Microsoft Corporation

17d865dd3bc94ae76e1909aeaee55f22  nic1394.sys
Microsoft Corporation

b22b731579953321fee58914f568e17b  ks.sys
Microsoft Corporation

be984d604d91c217355cdd3737aad25d  nikedrv.sys
Diamond Multimedia Systems

9b6da3f502cec60292262eb143ef7de9  nmnt.sys
Microsoft Corporation

20c123afc574abf76ba35d39c26ae6df  npfs.sys
Microsoft Corporation

4470e3c1e0c3378e4cab137893c12c3a  mbam.sys
Microsoft Corporation

Malwarebytes Corporation

34a993d7e519364f5d548b5726917753  ntfs.sys
d1f8be91ed4ddb671d42e473e3fe71ab  mcd.sys
Microsoft Corporation

195741aee20369980796b557358cd774  mdmxsdk.sys
Conexant

9f682ff15efa5187f306d7dd66ee9a7c  mf.sys
Microsoft Corporation

4ae068242760a1fb6e1a44bf4e16afa6  mnmdd.sys
Microsoft Corporation

add0bb36498e4da9b1b6a3e201b60a18  modem.sys
Microsoft Corporation

78833e368ada63bcbc95d79ff3c04de0  monblanking.sys
tH`XXVS_VERSION_INFO?baStringFileInfoBJCompanyNameCitrixSystems,Inc.FileDescriptionCitrixHDXDforProGraphicsMonitorBlankingDrivertFileVersion...bInternalNamemonblankingv)LegalCopyrightCopyright-CitrixSystems,Inc.HOriginalFilenamemonblanking.sys@ProductNameCitrixICAHost,ProductVersion.DVarFileInfo$Translationt*

e70558b84cb0cb9c739cc48ead2a4323  mouclass.sys
Microsoft Corporation

b1c303e17fb9d46e87a98e4ba6769685  mouhid.sys
Microsoft Corporation

07be8cafd246a7dfb7fd4a387e936e92  mountmgr.sys
Microsoft Corporation

ac816eff53bca79369f0b8643165368c  mrxdav.sys
Microsoft Corporation

576b34ceae5b7e5d9fd2775e93b3db53  ntmtlfax.sys
Microsoft Corporation

73484c0377fefa76a4ddd48112ec93a3  mrxsmb.sys
Smart Link

73c1e1f395918bc2c6dd67af7591a3ad  null.sys
Microsoft Corporation

2b298519edbfcf451d43e0f1e8f1006d  nv4_mini.sys
Microsoft Corporation

4d563545581e72c477ab00741b119853  msfs.sys
Microsoft Corporation

9479c26a5691ccea495e2438ef11c948  msgpc.sys
Microsoft Corporation

b16206732e541c04c1860d84447ef5bf  mskssrv.sys
Microsoft Corporation

bd33cfa58c156cbd5419a87c3a4cd0b2  mspclock.sys
Microsoft Corporation

a7ec2f88fae0f03252a60950660cc3e1  mspqm.sys
Microsoft Corporation

f41814fd8811b2ba2a43a79aa8cce82a  mssmbios.sys
Microsoft Corporation

c53775780148884ac87c455489a0c070  mtlmnt5.sys
Smart Link

54886a652bf5685192141df304e923fd  mtlstrm.sys
Smart Link

6dda78a0be692b61b668fab860f276cf  mtxparhm.sys
Matrox Graphics

2bb00d68cc9fbda1ee3d9bab9e4fd620  mup.sys
Microsoft Corporation

0cce5960bcae1135317428637521948b  mutohpen.sys
Microsoft Corporation

d1b364f049eb84a883c8a45d3b92ff3b  ndis.sys
Microsoft Corporation

7d0d0f2bf199c2df0a9d1b01406168ac  ndistapi.sys
Microsoft Corporation

e8969046dc350ecd1e9209dfe341c170  ndisuio.sys
Microsoft Corporation

266fded9836490ff227ad13e677ba4fb  ndiswan.sys
Microsoft Corporation

5aa58d218431c79e36a4878f18414637  ndproxy.sys
Microsoft Corporation

c70b403d8158e11bf0d43d5b153cbe6b  netbios.sys
NVIDIA Corporation

a1f88223528aadbb6374132becbbdcc1  NvAtaBus.sys
Microsoft Corporation

c181e1f7a2a251b7af6352dcbd8457f3  netbt.sys
NVIDIA Corporation

30dd670c6ffa1e0ef51955c08a7fe5bf  nvraid.sys
NVIDIA Corporation

b305f3fad35083837ef46a0bbce2fc57  nwlnkflt.sys
Microsoft Corporation

c99b3415198d1aab7227f2c88fd664b9  nwlnkfwd.sys
Microsoft Corporation

17d865dd3bc94ae76e1909aeaee55f22  nic1394.sys
Microsoft Corporation

6fd296f9a891c2ca812c0f90015ef55b  nwlnkipx.sys
Microsoft Corporation

be984d604d91c217355cdd3737aad25d  nikedrv.sys
Diamond Multimedia Systems

9b6da3f502cec60292262eb143ef7de9  nmnt.sys
Microsoft Corporation

56d34a67c05e94e16377c60609741ff8  nwlnknb.sys
Microsoft Corporation

20c123afc574abf76ba35d39c26ae6df  npfs.sys
Microsoft Corporation

34a993d7e519364f5d548b5726917753  ntfs.sys
Microsoft Corporation

c0bb7d1615e1acbdc99757f6ceaf8cf0  nwlnkspx.sys
Microsoft Corporation

4bb30ddc53ebc76895e38694580cdfe9  oprghdlr.sys
Microsoft Corporation

ec66855193aa90eb8d405f30a631a0c8  p3.sys
Microsoft Corporation

4512940ecd930438670cdca7fff1a878  parclass.sys
Microsoft Corporation

10572a94d8978619ce4845fe8595c9a5  parport.sys
Microsoft Corporation

67075da61516adedd710a9da6c6c8acb  partmgr.sys
Microsoft Corporation

70e98b3fd8e963a6a46a2e6247e0bea1  parvdm.sys
Microsoft Corporation

ccf5f451bb1a5a2a522a76e670000ff0  pciide.sys
Microsoft Corporation

14a46dc4658af65f06b3ef2f2dadd4b7  pciidex.sys
Microsoft Corporation

f3cebed46dc3a7f1758745c1d1fa5fcf  pci.sys
Microsoft Corporation

1ec157cb90d06455d67c007ada4973ac  pcmcia.sys
Microsoft Corporation

576b34ceae5b7e5d9fd2775e93b3db53  ntmtlfax.sys
Smart Link

73c1e1f395918bc2c6dd67af7591a3ad  null.sys
Microsoft Corporation

2b298519edbfcf451d43e0f1e8f1006d  nv4_mini.sys
Microsoft Corporation

7d7a9c17d5455203dea11e5ef886cc59  point32.sys
Microsoft Corporation

74cdbe4c057b066bbb65d10adfd219ac  portcls.sys
Microsoft Corporation

7169253efd25e3213c432f59350f16a8  processr.sys
Microsoft Corporation

8dc29e493cce832784a60bf7c120f132  psched.sys
Microsoft Corporation

80d317bd1c3dbc5d4fe7b1678c60cadd  ptilink.sys
 Parallel Technologies

0457e25bb122b854e267cf552dcdc370  pxhelp20.sys
Sonic Solutions

fe0d99d6f31e4fad8159f690d68ded9c  rasacd.sys
Microsoft Corporation

dbc6aeda3111edaf60948fc063565006  rasl2tp.sys
Microsoft Corporation

96467fc3e135f0b174b8978bd8ce69f9  raspppoe.sys
Microsoft Corporation

87d6a848dc367056778168d40a6f1a70  raspptp.sys
Microsoft Corporation

fdbb1d60066fcfbb7452fd8f9829b242  raspti.sys
Microsoft Corporation

01524cd237223b18adbb48f70083f101  rawwan.sys
Microsoft Corporation

1116a775bfa71f2c13f3d420da455ff2  rdbss.sys
Microsoft Corporation

4912d5b403614ce99c28420f75353332  rdpcdd.sys
Microsoft Corporation

9b7b9221177c83c7cbfd20b4b67f23dc  rdpdr.sys
Microsoft Corporation

0cd1bda7f6848e4de4eed3d36874ffb5  rdpwd.sys
Microsoft Corporation

e9aaa0092d74a9d371659c4c38882e12  recagent.sys
Smart Link

11540f52cbc8a4c97467579bbf7ffae2  redbook.sys
Microsoft Corporation

56a3d460e8a056a7c084c9e03b55de71  rfcomm.sys
Microsoft Corporation

a56fe08ec7473e8580a390bb1081cdd7  rio8drv.sys
Diamond Multimedia Systems

0a854df84c77a0be205bfeab2ae4f0ec  riodrv.sys
Diamond Multimedia Systems

0e8cc7b0819f17a867c4c31ad179bc19  rmcast.sys
Microsoft Corporation

e657ef40a18cb81bbd85ba03d448fbc3  rndismp.sys
Microsoft Corporation

1140260c84380192b2ca91c121e36712  rndismpx.sys
Microsoft Corporation

d8b0b4ade32574b2d9c5cc34dc0dbbe7  rootmdm.sys
Microsoft Corporation

0dbcc071a268e0340a2ba6bdd98bace4  s3gnbm.sys
SGraphics

bce8e93f5d5dc98014dba8e8b523c733  scsiport.sys
Microsoft Corporation

b00b9087cb993aa9f67c45cc94b1324b  sdbus.sys
Microsoft Corporation

90a3935d05b494a5a39d37e71f09a677  secdrv.sys
Macrovision Corporation

de23787927cb72533d4869855e955329  serenum.sys
Microsoft Corporation

471168d4b9adfd1f9e692f8779455188  serial.sys
Microsoft Corporation

a9573045baa16eab9b1085205b82f1ed  serscan.sys
Microsoft Corporation

521697636e8379c0e6d0c30ee13912d8  sffdisk.sys
Microsoft Corporation

b3eeb24afcb861fdb135ee881f3d522e  sffp_mmc.sys
Microsoft Corporation

35b1daa09e851252aecafc022e4da388  sffp_sd.sys
Microsoft Corporation

dc495a349dfd94fbfe4cf0689ed647b2  sfloppy.sys
Microsoft Corporation

6333e9a9198048ad09a700eb6dc4fa53  sisagp.sys
Silicon Integrated Systems

d9673011648a71ed1e1f77b831bc85e6  slnt7554.sys
NVIDIA Corporation

a1f88223528aadbb6374132becbbdcc1  NvAtaBus.sys
NVIDIA Corporation

30dd670c6ffa1e0ef51955c08a7fe5bf  nvraid.sys
Smart Link

2c1779c0feb1f4a6033600305eba623a  slntamr.sys
NVIDIA Corporation

b305f3fad35083837ef46a0bbce2fc57  nwlnkflt.sys
Microsoft Corporation

c99b3415198d1aab7227f2c88fd664b9  nwlnkfwd.sys
Microsoft Corporation

6fd296f9a891c2ca812c0f90015ef55b  nwlnkipx.sys
Microsoft Corporation

56d34a67c05e94e16377c60609741ff8  nwlnknb.sys
Microsoft Corporation

c0bb7d1615e1acbdc99757f6ceaf8cf0  nwlnkspx.sys
Microsoft Corporation

4bb30ddc53ebc76895e38694580cdfe9  oprghdlr.sys
Microsoft Corporation

ec66855193aa90eb8d405f30a631a0c8  p3.sys
Smart Link

f9b8e30e82ee95cf3e1d3e495599b99c  slnthal.sys
Microsoft Corporation

4512940ecd930438670cdca7fff1a878  parclass.sys
Microsoft Corporation

10572a94d8978619ce4845fe8595c9a5  parport.sys
Smart Link

db56bb2c55723815cf549d7fc50cfceb  slwdmsup.sys
Smart Link

b95306d17e8cdac5fb69c7652acd0ecc  smbali.sys
Microsoft Corporation

017daecf0ed3aa731313433601ec40fa  smclib.sys
Microsoft Corporation

67075da61516adedd710a9da6c6c8acb  partmgr.sys
Microsoft Corporation

f1771926a47a18bd3a3edac334fc78e0  smsens.sys
Analog Devices

5018a9db5eb62e3edb3110f82f556285  smwdm.sys
Microsoft Corporation

70e98b3fd8e963a6a46a2e6247e0bea1  parvdm.sys
Microsoft Corporation

ccf5f451bb1a5a2a522a76e670000ff0  pciide.sys
Microsoft Corporation

14a46dc4658af65f06b3ef2f2dadd4b7  pciidex.sys
Microsoft Corporation

f3cebed46dc3a7f1758745c1d1fa5fcf  pci.sys
Microsoft Corporation

1ec157cb90d06455d67c007ada4973ac  pcmcia.sys
Microsoft Corporation

7d7a9c17d5455203dea11e5ef886cc59  point32.sys
Microsoft Corporation

74cdbe4c057b066bbb65d10adfd219ac  portcls.sys
Microsoft Corporation

7169253efd25e3213c432f59350f16a8  processr.sys
Microsoft Corporation

8dc29e493cce832784a60bf7c120f132  psched.sys
Microsoft Corporation

80d317bd1c3dbc5d4fe7b1678c60cadd  ptilink.sys
 Parallel Technologies

0457e25bb122b854e267cf552dcdc370  pxhelp20.sys
Sonic Solutions

fe0d99d6f31e4fad8159f690d68ded9c  rasacd.sys
Microsoft Corporation

dbc6aeda3111edaf60948fc063565006  rasl2tp.sys
Microsoft Corporation

96467fc3e135f0b174b8978bd8ce69f9  raspppoe.sys
Microsoft Corporation

87d6a848dc367056778168d40a6f1a70  raspptp.sys
Analog Devices

75cefc156e896d297afb8b143a2c7e20  sonydcam.sys
Microsoft Corporation

fdbb1d60066fcfbb7452fd8f9829b242  raspti.sys
Microsoft Corporation

e477a633ea2d387788879a30666e5998  splitter.sys
Microsoft Corporation

Microsoft Corporation

8ec0ec1508d5c0dc9f0a46b264b41bff  sr.sys
01524cd237223b18adbb48f70083f101  rawwan.sys
Microsoft Corporation

1116a775bfa71f2c13f3d420da455ff2  rdbss.sys
Microsoft Corporation

388a576b405fd4c8a4886aa872e8e0f1  srv.sys
Microsoft Corporation

4912d5b403614ce99c28420f75353332  rdpcdd.sys
Microsoft Corporation

9b7b9221177c83c7cbfd20b4b67f23dc  rdpdr.sys
Microsoft Corporation

0cd1bda7f6848e4de4eed3d36874ffb5  rdpwd.sys
Microsoft Corporation

4d52c90acd19db5d61c2dfb5e67bfc5d  stream.sys
Microsoft Corporation

a5491f57e70167a10ed40e19d36edd13  swenum.sys
Microsoft Corporation

5f8ab2829c52609e03560725eaf167f9  swmidi.sys
Microsoft Corporation

e9aaa0092d74a9d371659c4c38882e12  recagent.sys
Microsoft Corporation

feaee2df25f435c153756707321bbf46  sysaudio.sys
Smart Link

11540f52cbc8a4c97467579bbf7ffae2  redbook.sys
Microsoft Corporation

e17baa3fecd4458390b058be51d755c0  tape.sys
Microsoft Corporation

53c28bc37fe3dfe28cc5891b8372e80d  tcpip6.sys
Microsoft Corporation

56a3d460e8a056a7c084c9e03b55de71  rfcomm.sys
Microsoft Corporation

a56fe08ec7473e8580a390bb1081cdd7  rio8drv.sys
Diamond Multimedia Systems

0a854df84c77a0be205bfeab2ae4f0ec  riodrv.sys
Diamond Multimedia Systems

0e8cc7b0819f17a867c4c31ad179bc19  rmcast.sys
Microsoft Corporation

19ebda988da80f133dc9e28a50f606e8  tcpip.sys
Microsoft Corporation

e657ef40a18cb81bbd85ba03d448fbc3  rndismp.sys
Microsoft Corporation

1140260c84380192b2ca91c121e36712  rndismpx.sys
Microsoft Corporation

d8b0b4ade32574b2d9c5cc34dc0dbbe7  rootmdm.sys
Microsoft Corporation

0dbcc071a268e0340a2ba6bdd98bace4  s3gnbm.sys
SGraphics

bce8e93f5d5dc98014dba8e8b523c733  scsiport.sys
Microsoft Corporation

6a22a58a7fd03a70bb93b8ddf54d8e62  tdi.sys
Microsoft Corporation

76afdfea26d4cb16e81fa32a22c34376  tdpipe.sys
Microsoft Corporation

2fc82251c9e895aa48624ebe05e5774e  tdtcp.sys
Microsoft Corporation

4e55b6f75ad92f13d6abbf8d767cbcec  termdd.sys
Microsoft Corporation

b00b9087cb993aa9f67c45cc94b1324b  sdbus.sys
Microsoft Corporation

699450901c5ccfd82357cbc531cedd23  tosdvd.sys
Microsoft Corporation

90a3935d05b494a5a39d37e71f09a677  secdrv.sys
Microsoft Corporation

d74a8ec75305f1d3cfde7c7fc1bd62a9  tsbvcap.sys
Macrovision Corporation

de23787927cb72533d4869855e955329  serenum.sys
Microsoft Corporation

471168d4b9adfd1f9e692f8779455188  serial.sys
Toshiba Corporation

3338d98edecb13d1a07b0a8ad76f0e0a  tunmp.sys
Microsoft Corporation

8b92d74d14a455e113dcdce5aeb63bca  uagp35.sys
Microsoft Corporation

90374e55f93f2883377902cb9cbfc6db  udfs.sys
Microsoft Corporation

415c2a770f4b6932308f9de7b19b3139  update.sys
Microsoft Corporation

a9573045baa16eab9b1085205b82f1ed  serscan.sys
Microsoft Corporation

521697636e8379c0e6d0c30ee13912d8  sffdisk.sys
Microsoft Corporation

b3eeb24afcb861fdb135ee881f3d522e  sffp_mmc.sys
Microsoft Corporation

35b1daa09e851252aecafc022e4da388  sffp_sd.sys
Microsoft Corporation

dc495a349dfd94fbfe4cf0689ed647b2  sfloppy.sys
Microsoft Corporation

6333e9a9198048ad09a700eb6dc4fa53  sisagp.sys
Silicon Integrated Systems

d9673011648a71ed1e1f77b831bc85e6  slnt7554.sys
Microsoft Corporation

6e2eb5f1c406328b88d7b5ddd04f1078  usb8023.sys
Smart Link

2c1779c0feb1f4a6033600305eba623a  slntamr.sys
Microsoft Corporation

e1b926095c657d7dcf364e42bfe9623d  usb8023x.sys
Microsoft Corporation

540979ba175bdc337eb65c6455d0ebf5  usbcamd2.sys
Microsoft Corporation

e293f8a483a0384b2d19d801d8a54b18  usbcamd.sys
Microsoft Corporation

9a0a8be756bd7a9bad4a3d0e9fa7bd79  usbccgp.sys
Microsoft Corporation

596eb39b50d6ebd9b734dc4ae0544693  usbd.sys
Microsoft Corporation

d37fee874b49d951f68e788d40d8c196  usbehci.sys
Microsoft Corporation

8167383fe00199108f63269c2b8a99e1  usbhub.sys
Microsoft Corporation

05223e082c42a4de9b38d33415fddc58  usbintel.sys
Microsoft Corporation

940d50c4c2cbeedb1bd1150b01344869  USBkey.sys

b8fd776e19979806ab4b07cd353d8b58  usbport.sys
Smart Link

f9b8e30e82ee95cf3e1d3e495599b99c  slnthal.sys
Microsoft Corporation

14caa438f4ebd12dbd43db0273bc0fdc  usbprint.sys
Smart Link

db56bb2c55723815cf549d7fc50cfceb  slwdmsup.sys
Smart Link

b95306d17e8cdac5fb69c7652acd0ecc  smbali.sys
Microsoft Corporation

5be9c3f196c607aaa072ed660f9c0423  usbscan.sys
Microsoft Corporation

017daecf0ed3aa731313433601ec40fa  smclib.sys
Microsoft Corporation

e3eef7ae5105a9f99b1807031edb4171  usbstor.sys
Microsoft Corporation

f1771926a47a18bd3a3edac334fc78e0  smsens.sys
Microsoft Corporation

b02addb9a345cbae360a29b2865c36a1  usbuhci.sys
Analog Devices

5018a9db5eb62e3edb3110f82f556285  smwdm.sys
Microsoft Corporation

ec8d4524fb0d96b4e9ab5ab0a49caa31  usbvideo.sys
Microsoft Corporation

55e01061c74a8cefff58dc36114a8d3f  vdmindvd.sys
Ravisent Technologies

cc1f0dd100f577e9b029547fee285813  vga.sys
Microsoft Corporation

da0544377111322ae5ebf4cb12dfab87  viaagp.sys
Microsoft Corporation

f107896ce3beb3ec2c7c068a39424315  videoprt.sys
Microsoft Corporation

2abf037f9d447424b58d73706b55b762  volsnap.sys
Microsoft Corporation

0420c97e80bab8bd84fa66a6150a645c  wacompen.sys
Microsoft Corporation

0308aef61941e4af478fa1a0f83812f5  wadv07nt.sys
Intel Corporation

714038a8aa5de08e12062202cd7eaeb5  wadv08nt.sys
Intel Corporation

7bb3aa595e4507a788de1cdc63f4c8c4  wadv09nt.sys
Intel Corporation

36e6c405b6143d09687f4056fd9a0d10  wadv11nt.sys
Intel Corporation

8794191476e6b93161baaa136e309454  wanarp.sys
Microsoft Corporation

352fa0e98bc461ce1ce5d41f64db558d  watv06nt.sys
Intel Corporation

791cc45de6e50445be72e8ad6401ff45  watv10nt.sys
Intel Corporation

d918617b46457b9ac28027722e30f647  wdf01000.sys
Analog Devices

75cefc156e896d297afb8b143a2c7e20  sonydcam.sys
Microsoft Corporation

e477a633ea2d387788879a30666e5998  splitter.sys
Microsoft Corporation

8ec0ec1508d5c0dc9f0a46b264b41bff  sr.sys
Microsoft Corporation

399c974dda25fd3e59f22bab787f662b  wdfldr.sys
Microsoft Corporation

388a576b405fd4c8a4886aa872e8e0f1  srv.sys
Microsoft Corporation

cf66393a0b2e361503bf381ac013b34a  wdmaud.sys
Microsoft Corporation

2f31b7f954bed437f2c75026c65caf7b  wmilib.sys
Microsoft Corporation

6abe6e225adb5a751622a9cc3bc19ce8  ws2ifsl.sys
Microsoft Corporation

41cf36a3cc7786575247ed456918e112  x10ufx2.sys
tt>P;HaMOFDATAMOFRESOURCENAMEHVS_VERSION_INFO?bStringFileInfoBCompanyNameXWirelessTechnology,Inc.FileDescriptionXUSBControlInterfacenFileVersion...bInternalNamexufx.sys|,LegalCopyright©XWirelessTechnology,Inc.-@bOriginalFilenamexufx.sysTProductNameXUSBControlInterfacenProductVersion...DVarFileInfo$TranslationtFOMB@DS}T

Microsoft Corporation

4d52c90acd19db5d61c2dfb5e67bfc5d  stream.sys
Microsoft Corporation

a5491f57e70167a10ed40e19d36edd13  swenum.sys
Microsoft Corporation

5f8ab2829c52609e03560725eaf167f9  swmidi.sys
Microsoft Corporation

feaee2df25f435c153756707321bbf46  sysaudio.sys
Microsoft Corporation

e17baa3fecd4458390b058be51d755c0  tape.sys
Microsoft Corporation

53c28bc37fe3dfe28cc5891b8372e80d  tcpip6.sys
Microsoft Corporation

19ebda988da80f133dc9e28a50f606e8  tcpip.sys
Microsoft Corporation

6a22a58a7fd03a70bb93b8ddf54d8e62  tdi.sys
Microsoft Corporation

76afdfea26d4cb16e81fa32a22c34376  tdpipe.sys
Microsoft Corporation

2fc82251c9e895aa48624ebe05e5774e  tdtcp.sys
Microsoft Corporation

4e55b6f75ad92f13d6abbf8d767cbcec  termdd.sys
Microsoft Corporation

699450901c5ccfd82357cbc531cedd23  tosdvd.sys
Microsoft Corporation

d74a8ec75305f1d3cfde7c7fc1bd62a9  tsbvcap.sys
Toshiba Corporation

3338d98edecb13d1a07b0a8ad76f0e0a  tunmp.sys
Microsoft Corporation

8b92d74d14a455e113dcdce5aeb63bca  uagp35.sys
Microsoft Corporation

90374e55f93f2883377902cb9cbfc6db  udfs.sys
Microsoft Corporation

415c2a770f4b6932308f9de7b19b3139  update.sys
Microsoft Corporation

6e2eb5f1c406328b88d7b5ddd04f1078  usb8023.sys
Microsoft Corporation

e1b926095c657d7dcf364e42bfe9623d  usb8023x.sys
Microsoft Corporation

540979ba175bdc337eb65c6455d0ebf5  usbcamd2.sys
Microsoft Corporation

e293f8a483a0384b2d19d801d8a54b18  usbcamd.sys
Microsoft Corporation

9a0a8be756bd7a9bad4a3d0e9fa7bd79  usbccgp.sys
Microsoft Corporation

596eb39b50d6ebd9b734dc4ae0544693  usbd.sys
Microsoft Corporation

d37fee874b49d951f68e788d40d8c196  usbehci.sys
Microsoft Corporation

8167383fe00199108f63269c2b8a99e1  usbhub.sys
940d50c4c2cbeedb1bd1150b01344869 USBkey.sys has NO Company Name!

05223e082c42a4de9b38d33415fddc58  usbintel.sys
Microsoft Corporation

940d50c4c2cbeedb1bd1150b01344869  USBkey.sys

b8fd776e19979806ab4b07cd353d8b58  usbport.sys
Microsoft Corporation

14caa438f4ebd12dbd43db0273bc0fdc  usbprint.sys
Microsoft Corporation

5be9c3f196c607aaa072ed660f9c0423  usbscan.sys
Microsoft Corporation

e3eef7ae5105a9f99b1807031edb4171  usbstor.sys
Microsoft Corporation

b02addb9a345cbae360a29b2865c36a1  usbuhci.sys
Microsoft Corporation

ec8d4524fb0d96b4e9ab5ab0a49caa31  usbvideo.sys
Microsoft Corporation

55e01061c74a8cefff58dc36114a8d3f  vdmindvd.sys
Ravisent Technologies

cc1f0dd100f577e9b029547fee285813  vga.sys
Microsoft Corporation

da0544377111322ae5ebf4cb12dfab87  viaagp.sys
Microsoft Corporation

f107896ce3beb3ec2c7c068a39424315  videoprt.sys
Microsoft Corporation

2abf037f9d447424b58d73706b55b762  volsnap.sys
Microsoft Corporation

0420c97e80bab8bd84fa66a6150a645c  wacompen.sys
Microsoft Corporation

0308aef61941e4af478fa1a0f83812f5  wadv07nt.sys
Intel Corporation

714038a8aa5de08e12062202cd7eaeb5  wadv08nt.sys
Intel Corporation

7bb3aa595e4507a788de1cdc63f4c8c4  wadv09nt.sys
Intel Corporation

36e6c405b6143d09687f4056fd9a0d10  wadv11nt.sys
Intel Corporation

8794191476e6b93161baaa136e309454  wanarp.sys
Microsoft Corporation

352fa0e98bc461ce1ce5d41f64db558d  watv06nt.sys
Intel Corporation

791cc45de6e50445be72e8ad6401ff45  watv10nt.sys
Intel Corporation

d918617b46457b9ac28027722e30f647  wdf01000.sys
Microsoft Corporation

399c974dda25fd3e59f22bab787f662b  wdfldr.sys
Microsoft Corporation

cf66393a0b2e361503bf381ac013b34a  wdmaud.sys
Microsoft Corporation

2f31b7f954bed437f2c75026c65caf7b  wmilib.sys
Microsoft Corporation

6abe6e225adb5a751622a9cc3bc19ce8  ws2ifsl.sys
Microsoft Corporation

41cf36a3cc7786575247ed456918e112  x10ufx2.sys
tt>P;HaMOFDATAMOFRESOURCENAMEHVS_VERSION_INFO?bStringFileInfoBCompanyNameXWirelessTechnology,Inc.FileDescriptionXUSBControlInterfacenFileVersion...bInternalNamexufx.sys|,LegalCopyright©XWirelessTechnology,Inc.-@bOriginalFilenamexufx.sysTProductNameXUSBControlInterfacenProductVersion...DVarFileInfo$TranslationtFOMB@DS}T



#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 01 November 2013 - 08:49 PM

Download http://noahdfear.net/downloads/rst.sh to the USB drive
  • Insert the USB drive and CD in the Sick computer and boot the computer from the CD again
  • Press File
  • Expand mnt
  • Expand your USB (sdb1)
  • Confirm that you see rst.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash rst.sh
  • Press Enter
  • After it has finished a report will be located at sdb1 named enum.log
  • Plug that USB back into the clean computer and open it
Please note: If you have an ethernet connection you can access the internet by way of xPUD (Firefox). You can perform all these steps on your sick computer. When you download the download will reside in the Download folder. It can be found under the File tab also. You can similarly access our thread by way of this OS too so you can send the logs that way.

Please also note - all text entries are case sensitive

Copy and paste the enum.log for my review
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 04 November 2013 - 02:28 PM

I ran rst.sh.  I waited for it to finish and it said done.  When I went to find it, there was no log on sdb1 named enum.log. 



#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 04 November 2013 - 10:04 PM

Hello

it will be in the same place as the program was run from - check on the jump drive

if you are lucky you might be able to connect to the internet will in xpud to send me the report that way to


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 05 November 2013 - 02:22 PM

33.1M Nov  4 18:41 /mnt/sda2/WINDOWS/system32/config/software
6.3M Nov  4 18:41 /mnt/sda2/WINDOWS/system32/config/system



#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 05 November 2013 - 08:29 PM

Hello

The o0nly restore point is from yesterday well after the virus got on the computer,

I have sent you a PM


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 07 November 2013 - 08:22 PM


Hello storefrontbill

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 storefrontbill

storefrontbill
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 08 November 2013 - 02:38 PM

I tried to run Combofix.  Link 1 did not work but link2 and 3 did.  Both links said the same thing when I tried to download. 

 

"Internet explorer cannot download ComboFix.exe from download Bleeping Computers.com. Internet explorer was not able to open this internet site.  The requested site is either unavailable or cannot be found.  Please try again later.  "

 

I am not sure how to get it to download.



#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:51 PM

Posted 08 November 2013 - 02:59 PM

Hello try and download it from another computer and move it with a pen drive

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users