Multiple browser issue, certain pages won't open as well as Adobe Reader



#16
Wig86 (Member, Topic Starter)
I downloaded Safari as a last resort, which allows me to open the files. Logs below. TDS found an infected file but said it was locked; the only option I had was continue or skip, so I have attached the log for both anyway.

aswMBR version 0.9.7.753 Copyright© 2011 AVAST Software
Run date: 2011-07-17 18:29:11
-----------------------------
18:29:11.906 OS Version: Windows 5.1.2600 Service Pack 3
18:29:11.906 Number of processors: 2 586 0xF0B
18:29:11.906 ComputerName: NICOLA-86150 UserName:
18:29:13.687 Initialize success
18:29:25.703 AVAST engine download error: 0
18:29:33.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:29:33.546 Disk 0 Vendor: Hitachi_ SBDO Size: 114473MB BusType: 3
18:29:35.578 Disk 0 MBR read successfully
18:29:35.578 Disk 0 MBR scan
18:29:35.578 Disk 0 unknown MBR code
18:29:37.593 Disk 0 scanning sectors +234436545
18:29:37.656 Disk 0 scanning C:\WINDOWS\system32\drivers
18:30:03.734 Service scanning
18:30:05.390 Disk 0 trace - called modules:
18:30:05.515 ntkrnlpa.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll iaStor.sys spex.sys
18:30:05.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f17030]
18:30:05.515 3 CLASSPNP.SYS[f75bcfd7] -> nt!IofCallDriver -> \Device\THPDRV[0x86f18030]
18:30:05.515 5 thpdrv.sys[f78167a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86f19030]
18:30:05.531 Scan finished successfully
18:31:11.687 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nicola Scullion\Desktop\MBR.dat"
18:31:11.703 The log file has been saved successfully to "C:\Documents and Settings\Nicola Scullion\Desktop\aswMBR.txt"



2011/07/17 18:31:38.0656 3264 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/07/17 18:31:38.0656 3264 sptd - detected LockedFile.Multi.Generic (1)
2011/07/17 18:31:42.0875 3264 MBR (0x1B8) (db27c7df7a410af148ead3a4b2cf426a) \Device\Harddisk0\DR0
2011/07/17 18:31:43.0015 3264 Boot (0x1200) (18bb9d138fa81d98383cd3df88a47b62) \Device\Harddisk0\DR0\Partition0
2011/07/17 18:31:43.0046 3264 Boot (0x1200) (73a7f0f44a344356d28364a7a7879ad2) \Device\Harddisk0\DR0\Partition1
2011/07/17 18:31:43.0046 3264 ================================================================================
2011/07/17 18:31:43.0046 3264 Scan finished
2011/07/17 18:31:43.0046 3264 ================================================================================
2011/07/17 18:31:43.0078 2020 Detected object count: 1
2011/07/17 18:31:43.0078 2020 Actual detected object count: 1
2011/07/17 18:31:50.0921 2020 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/17 18:32:02.0406 3236 ================================================================================
2011/07/17 18:32:02.0406 3236 Scan started
2011/07/17 18:32:02.0406 3236 Mode: Manual;
2011/07/17 18:32:02.0406 3236 ================================================================================

#17
Satchfan (Trusted Helper, Malware Removal)
You did well there

Re-run aswMBR

  • click Scan
  • on completion of the scan click the Fix button
Posted Image

Save the log as before and post in your next reply

Download and run ComboFix

Download ComboFix from the following location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link for programs that need to be disabled and instruction on how to disable them.
  • Remember to re-enable them when we're done.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
Note: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

When finished, it will produce a log. Please include the ComboFix.txt in your next reply. It can be found at C:\ComboFix.txt

Satchfan

#18
Wig86 (Member, Topic Starter)
Have just finished running a scan with aswMBR; however, the fix option is greyed out. The only option available is fixMBR?

#19
Satchfan (Trusted Helper, Malware Removal)
It's OK to follow that option

#20
Wig86 (Member, Topic Starter)
Just when everything was going well, I can't seem to download ComboFix in either browser, including Safari. Have tried your previous tricks also, with copying the link as well.

#21
Wig86 (Member, Topic Starter)
aswMBR log is

aswMBR version 0.9.7.753 Copyright© 2011 AVAST Software
Run date: 2011-07-17 23:34:09
-----------------------------
23:34:09.828 OS Version: Windows 5.1.2600 Service Pack 3
23:34:09.828 Number of processors: 2 586 0xF0B
23:34:09.828 ComputerName: NICOLA-86150 UserName:
23:34:14.031 Initialize success
23:34:20.406 AVAST engine download error: 0
23:34:24.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
23:34:24.671 Disk 0 Vendor: Hitachi_ SBDO Size: 114473MB BusType: 3
23:34:26.703 Disk 0 MBR read successfully
23:34:26.703 Disk 0 MBR scan
23:34:26.703 Disk 0 unknown MBR code
23:34:28.718 Disk 0 scanning sectors +234436545
23:34:28.937 Disk 0 scanning C:\WINDOWS\system32\drivers
23:35:35.156 Service scanning
23:35:36.968 Disk 0 trace - called modules:
23:35:37.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys thpdrv.sys hal.dll
23:35:37.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ec4ab8]
23:35:37.015 3 CLASSPNP.SYS[f75bcfd7] -> nt!IofCallDriver -> \Device\THPDRV[0x86fa58f0]
23:35:37.015 Scan finished successfully
23:44:51.515 Verifying
23:45:03.593 Disk 0 Windows 501 MBR fixed successfully
23:46:09.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Nicola Scullion\Desktop\MBR.dat"
23:46:09.390 The log file has been saved successfully to "C:\Documents and Settings\Nicola Scullion\Desktop\aswMBR2.txt"

#22
Satchfan (Trusted Helper, Malware Removal)
Follow the previous instructions for ComboFix but rename ComboFix to 123 before saving it.

I have an early start tomorrow so won't reply again tonight.

Satchfan

#23
Satchfan (Trusted Helper, Malware Removal)
I just realised that you can't get to the point of renaming it :)

What happens when you try to download it?

#24
Wig86 (Member, Topic Starter)
The usual "page cannot be displayed". What's even more strange, I just tried the link for TDS killer and aswMBR and they are both now not allowing me to download.

#25
Satchfan (Trusted Helper, Malware Removal)
Try downloading the next tool in normal mode before trying safe mode and let me know what happens. If you can't download it, is there another computer where you can download it and transfer it using a flash drive?

Download/run Rkill:

Please download Rkill from one of the following links and save to your Desktop:

Link One
Link Two
Link Three
Link Four

  • Double click on Rkill.
  • A command window will open then disappear upon completion, this is normal.
  • Please leave Rkill on the Desktop until otherwise advised.

Note: If your security software warns about Rkill, please ignore and allow the download to continue.

Run rkill repeatedly if necessary until it's able to do its job. This may take a few attempts.

You'll be able to tell when rkill has done its job when your desktop (explorer.exe) cycles off and then on again.

Don’t reboot your computer after running Rkill: if you do, you’ll have to run it again.

===================================================

Run OTL

  • Double click on the icon to run it.
  • Copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services
    
    :OTL
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" =-
    "2869:TCP" =-
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)

===================================================

Again without rebooting after Rkill, see if you can now download and run any of the previous tools I asked you to run.

Thanks

Satchfan

#26
Wig86 (Member, Topic Starter)
Ran Rkill, log below. However, you say not to reboot, however the script you then give for OTL says reboot, and then later you say not to do it again. I have tried to run the OTL fix without the last Reboot part, however this just freezes my system and nothing responds, so not sure where you want me to go from here...

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 18/07/2011 at 12:34:29.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:



Rkill completed on 18/07/2011 at 12:34:39.

Edited by Wig86, 18 July 2011 - 05:46 AM.


#27
Satchfan (Trusted Helper, Malware Removal)
Apologies for the unclear post.

Rkill kills any bad processes which may prevent others being executed.

  • Run Rkill and don't reboot before running the OTL fix
  • Allow OTL to reboot
  • Try downloading and running TDSSKiller again
  • If you can't, run Rkill again and don't reboot until you have downloaded and run TDSSKiller.

Satchfan

#28
Wig86 (Member, Topic Starter)
The script seems to close down Explorer; however, OTL then seems to stop responding. Have left it for around 20 mins and there's no activity whatsoever. TDS has found 1 threat and is asking me to skip, move to quarantine or delete. I have also tried to run ComboFix by downloading from another computer. It starts OK and I then get the message access denied.

#29
Satchfan (Trusted Helper, Malware Removal)

TDS has found 1 threat and is asking me to skip, move to quarantine or delete

Choose "Delete" and then please send the TDSK report

Satchfan

#30
Wig86 (Member, Topic Starter)
2011/07/18 16:07:49.0046 3260 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/18 16:07:49.0984 3260 ================================================================================
2011/07/18 16:07:49.0984 3260 SystemInfo:
2011/07/18 16:07:49.0984 3260
2011/07/18 16:07:49.0984 3260 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/18 16:07:49.0984 3260 Product type: Workstation
2011/07/18 16:07:49.0984 3260 ComputerName: NICOLA-86150
2011/07/18 16:07:49.0984 3260 UserName: Nicola Scullion
2011/07/18 16:07:49.0984 3260 Windows directory: C:\WINDOWS
2011/07/18 16:07:49.0984 3260 System windows directory: C:\WINDOWS
2011/07/18 16:07:49.0984 3260 Processor architecture: Intel x86
2011/07/18 16:07:49.0984 3260 Number of processors: 2
2011/07/18 16:07:49.0984 3260 Page size: 0x1000
2011/07/18 16:07:49.0984 3260 Boot type: Normal boot
2011/07/18 16:07:49.0984 3260 ================================================================================
2011/07/18 16:07:50.0828 3260 Initialize success
2011/07/18 16:10:23.0109 2072 ================================================================================
2011/07/18 16:10:23.0109 2072 Scan started
2011/07/18 16:10:23.0109 2072 Mode: Manual;
2011/07/18 16:10:23.0109 2072 ================================================================================
2011/07/18 16:10:33.0734 2072 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/18 16:10:33.0796 2072 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/18 16:10:33.0937 2072 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/18 16:10:33.0984 2072 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/18 16:10:34.0046 2072 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/07/18 16:10:34.0140 2072 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/07/18 16:10:34.0203 2072 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/18 16:10:34.0312 2072 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/07/18 16:10:34.0359 2072 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/07/18 16:10:34.0421 2072 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/07/18 16:10:34.0437 2072 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/07/18 16:10:34.0484 2072 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/18 16:10:34.0593 2072 smihlp (94eede27fd7d46707be49127922695a7) C:\Program Files\Protector Suite QL\smihlp.sys
2011/07/18 16:10:34.0765 2072 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/18 16:10:34.0828 2072 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/18 16:10:34.0890 2072 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/18 16:10:34.0968 2072 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/07/18 16:10:35.0078 2072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/18 16:10:35.0156 2072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/18 16:10:35.0343 2072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/18 16:10:35.0406 2072 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/18 16:10:35.0593 2072 TcUsb (fc6fe02f400308606a911640e72326b5) C:\WINDOWS\system32\Drivers\tcusb.sys
2011/07/18 16:10:35.0656 2072 tdcmdpst (2f8bfbdb5824c71f672779b4b8cf8b01) C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
2011/07/18 16:10:35.0703 2072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/18 16:10:35.0765 2072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/18 16:10:35.0812 2072 tdudf (f56a9327c58ff985616c5e197472932c) C:\WINDOWS\system32\DRIVERS\tdudf.sys
2011/07/18 16:10:35.0906 2072 TEchoCan (65855534483d0c1330703100b31cac00) C:\WINDOWS\system32\DRIVERS\TEchoCan.sys
2011/07/18 16:10:36.0000 2072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/18 16:10:36.0062 2072 Thpdrv (557cfdb7869499d357da1877ed93043f) C:\WINDOWS\system32\DRIVERS\thpdrv.sys
2011/07/18 16:10:36.0109 2072 Thpevm (681b0132a9e0ec12e674c2b2ae75e201) C:\WINDOWS\system32\DRIVERS\Thpevm.SYS
2011/07/18 16:10:36.0203 2072 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\WINDOWS\system32\drivers\tifm21.sys
2011/07/18 16:10:36.0281 2072 TMEI3E (684bfb1e9abb05d3f48c53f3cd16a3e6) C:\WINDOWS\system32\Drivers\TMEI3E.SYS
2011/07/18 16:10:36.0359 2072 tosporte (90afa1a4451bbbee87c9f18a665d8121) C:\WINDOWS\system32\DRIVERS\tosporte.sys
2011/07/18 16:10:36.0390 2072 tosrfbd (51d7f024a66814f8bee33e4be394a03e) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
2011/07/18 16:10:36.0437 2072 tosrfbnp (74392bab3f0d4810da8436ec79d6955d) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
2011/07/18 16:10:36.0515 2072 Tosrfcom (1ad9eb1b5abd0aeee4084c8153476f1e) C:\WINDOWS\system32\Drivers\tosrfcom.sys
2011/07/18 16:10:36.0593 2072 tosrfec (9ee240f7029771b21cc6200be6516d60) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
2011/07/18 16:10:36.0656 2072 Tosrfhid (a72a3473180f378cc07d342803ffd580) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
2011/07/18 16:10:36.0687 2072 tosrfnds (b2a1a6538245fd69578224bbf2fd4677) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
2011/07/18 16:10:36.0750 2072 tosrfusb (18dfbb06907c169bb54f6960b9f95367) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
2011/07/18 16:10:36.0843 2072 trudf (3f9ba8878aa26d0831116733f9bc53ff) C:\WINDOWS\system32\DRIVERS\trudf.sys
2011/07/18 16:10:36.0921 2072 TVALZ (73d3312955f805054e32fabdca5230b1) C:\WINDOWS\system32\DRIVERS\TVALZ.SYS
2011/07/18 16:10:36.0968 2072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/18 16:10:37.0062 2072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/18 16:10:37.0218 2072 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/07/18 16:10:37.0265 2072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/18 16:10:37.0328 2072 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/18 16:10:37.0359 2072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/18 16:10:37.0406 2072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/07/18 16:10:37.0531 2072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/18 16:10:37.0625 2072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/18 16:10:37.0656 2072 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/18 16:10:37.0687 2072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/18 16:10:37.0812 2072 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/18 16:10:37.0859 2072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/18 16:10:37.0906 2072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/18 16:10:38.0078 2072 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/07/18 16:10:38.0156 2072 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/18 16:10:38.0234 2072 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/07/18 16:10:38.0328 2072 MBR (0x1B8) (92923fc5e125114def8c7f7514afeb44) \Device\Harddisk0\DR0
2011/07/18 16:10:38.0625 2072 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR4
2011/07/18 16:10:38.0671 2072 Boot (0x1200) (18bb9d138fa81d98383cd3df88a47b62) \Device\Harddisk0\DR0\Partition0
2011/07/18 16:10:38.0703 2072 Boot (0x1200) (dc87b6018faf43e3d023c6cb96288125) \Device\Harddisk0\DR0\Partition1
2011/07/18 16:10:38.0718 2072 Boot (0x1200) (41321b333076fbcebc886e156e5c175d) \Device\Harddisk1\DR4\Partition0
2011/07/18 16:10:38.0734 2072 ================================================================================
2011/07/18 16:10:38.0734 2072 Scan finished
2011/07/18 16:10:38.0734 2072 ================================================================================
2011/07/18 16:10:38.0750 2064 Detected object count: 0
2011/07/18 16:10:38.0750 2064 Actual detected object count: 0
2011/07/18 16:10:51.0593 3428 Deinitialize success

Edited by Wig86, 18 July 2011 - 09:19 AM.
