Vista Antivirus 2012



#46
Kristi2565

After running ComboFix, I was unable to connect to the internet.


ComboFix 11-12-22.01 - rhizogen 12/22/2011 7:37:52.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.1791.918 [GMT -6:00]
Running from: C:\Users\rhizogen\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))


2011-12-22 13:44:43 . 2011-12-22 13:44:43 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-12-20 19:27:05 . 2011-12-22 13:44:48 -------- d-----w- C:\Users\rhizogen\AppData\Local\temp
2011-12-19 15:07:29 . 2011-12-19 15:07:29 -------- d-----w- C:\_OTL
2011-12-16 21:14:13 . 2011-12-16 21:14:13 -------- d-----w- C:\Users\rhizogen\AppData\Roaming\Malwarebytes
2011-12-16 21:14:03 . 2011-12-16 21:14:03 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-16 21:14:01 . 2011-12-16 21:14:05 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2011-12-16 21:14:01 . 2011-08-31 23:00:50 22216 ----a-w- C:\Windows\system32\drivers\mbam.sys
2011-12-16 15:06:44 . 2011-04-21 13:58:27 273408 ----a-w- C:\Windows\system32\drivers\afd.sys
2011-12-15 17:23:05 . 2011-12-15 17:46:56 -------- d-----w- C:\Windows\system32\sdtmp
2011-12-15 04:05:07 . 2011-10-27 08:01:53 3602816 ----a-w- C:\Windows\system32\ntkrnlpa.exe
2011-12-15 04:05:07 . 2011-10-27 08:01:53 3550080 ----a-w- C:\Windows\system32\ntoskrnl.exe
2011-12-15 04:04:44 . 2011-10-14 16:02:19 429056 ----a-w- C:\Windows\system32\EncDec.dll
2011-12-15 04:03:31 . 2011-11-23 13:37:27 2043904 ----a-w- C:\Windows\system32\win32k.sys
2011-12-15 04:03:28 . 2011-11-08 12:10:10 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-12-15 04:01:25 . 2011-10-25 15:56:04 49152 ----a-w- C:\Windows\system32\csrsrv.dll
2011-12-15 04:01:03 . 2011-11-08 14:42:19 2048 ----a-w- C:\Windows\system32\tzres.dll
2011-12-13 08:10:28 . 2011-11-21 10:47:38 6823496 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BB067C9-E1A7-46CA-BF50-F87E60497AB4}\mpengine.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-10-07 11:49:11 . 2011-03-09 19:59:31 83360 ----a-w- C:\Windows\system32\LMIRfsClientNP.dll
2011-10-07 11:49:10 . 2011-03-09 19:59:32 52096 ----a-w- C:\Windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-10-07 11:49:08 . 2011-03-09 19:59:32 30592 ----a-w- C:\Windows\system32\LMIport.dll
2011-10-07 11:49:08 . 2011-03-09 19:59:29 87424 ----a-w- C:\Windows\system32\LMIinit.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 23:00:48 449608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="C:\Windows\SMINST\launcher.exe" [2008-02-22 19:20:16 44168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Attendance Rx.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Attendance Rx.lnk
backup=C:\Windows\pss\Attendance Rx.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59:06 937920 ----a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02:26 37296 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2007-07-23 19:06:28 77824 ----a-w- C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 17:44:34 31072 ----a-w- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 18:08:54 49208 ----a-w- C:\Program Files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-10-12 01:01:26 46368 ----a-w- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2010-09-17 20:40:06 63048 ----a-w- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 23:00:48 449608 ----a-w- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2011-08-31 23:00:48 1047208 ----a-w- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-10-12 01:03:10 29984 ----a-w- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-02-18 16:47:12 79192 ----a-w- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetRefresh]
2003-11-20 18:01:08 525824 ----a-w- C:\Program Files\HP\SetRefresh\SetRefresh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28:03 1233920 ----a-w- C:\Program Files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
2011-12-01 18:43:04 313160 ----a-w- C:\Users\rhizogen\AppData\Roaming\Smilebox\SmileboxTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-07-10 04:40:30 1282048 ----a-w- C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44:46 248552 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
2005-07-11 19:52:48 73728 ----a-w- C:\Program Files\USB Disk Win98 Driver\Res.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25:56 202240 ----a-w- C:\Program Files\Windows Media Player\wmpnscfg.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 18:16:28 130384]
R3 HPFXFAX;HPFXFAX;C:\Windows\system32\drivers\hpfxfax.sys [2007-07-16 21:29:43 20504]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 18:16:28 753504]
R4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2011-10-07 11:49:08 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2010-09-17 20:40:06 12856]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 23:00:48 366152]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-09-17 13:12:32 180736]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2011-08-31 23:00:50 22216]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08


------- Supplementary Scan -------

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=all&pf=cmdt
IE: Add to AVI Video Converter... - C:\Program Files\Media Player Utilities 4.29\AMVConverter\grab.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{25108261-8D72-49CC-80B9-4C97455452C0}: NameServer = 68.28.186.91,68.28.178.91
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
FF - ProfilePath - C:\Users\rhizogen\AppData\Roaming\Mozilla\Firefox\Profiles\6zgw1gw8.default\
FF - prefs.js: browser.search.selectedEngine - Inbox Search
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80179&language=en&qkw=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: yahoo.homepage.dontask - true


------- File Associations -------

.scr=DWGTrueViewScriptFile


#47
Kristi2565

Rebooted the machine. TDSSKiller had been downloaded before, so I ran it from the desktop. Here is the output.

08:08:09.0352 3884 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
08:08:09.0367 3884 ============================================================
08:08:09.0367 3884 Current date / time: 2011/12/22 08:08:09.0367
08:08:09.0367 3884 SystemInfo:
08:08:09.0367 3884
08:08:09.0367 3884 OS Version: 6.0.6002 ServicePack: 2.0
08:08:09.0367 3884 Product type: Workstation
08:08:09.0367 3884 ComputerName: TRP-FEB09
08:08:09.0367 3884 UserName: rhizogen
08:08:09.0367 3884 Windows directory: C:\Windows
08:08:09.0367 3884 System windows directory: C:\Windows
08:08:09.0367 3884 Processor architecture: Intel x86
08:08:09.0367 3884 Number of processors: 2
08:08:09.0367 3884 Page size: 0x1000
08:08:09.0367 3884 Boot type: Normal boot
08:08:09.0367 3884 ============================================================
08:08:10.0662 3884 Initialize success
08:08:13.0486 3908 ============================================================
08:08:13.0486 3908 Scan started
08:08:13.0486 3908 Mode: Manual;
08:08:13.0486 3908 ============================================================
08:08:27.0838 3908 secdrv - ok
08:08:27.0869 3908 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
08:08:27.0869 3908 Serenum - ok
08:08:27.0947 3908 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
08:08:27.0963 3908 Serial - ok
08:08:28.0025 3908 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\DRIVERS\sermouse.sys
08:08:28.0025 3908 sermouse - ok
08:08:28.0087 3908 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
08:08:28.0087 3908 sffdisk - ok
08:08:28.0103 3908 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
08:08:28.0119 3908 sffp_mmc - ok
08:08:28.0119 3908 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
08:08:28.0134 3908 sffp_sd - ok
08:08:28.0150 3908 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
08:08:28.0150 3908 sfloppy - ok
08:08:28.0181 3908 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
08:08:28.0181 3908 sisagp - ok
08:08:28.0228 3908 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
08:08:28.0228 3908 SiSRaid2 - ok
08:08:28.0243 3908 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
08:08:28.0243 3908 SiSRaid4 - ok
08:08:28.0275 3908 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
08:08:28.0275 3908 Smb - ok
08:08:28.0321 3908 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
08:08:28.0321 3908 spldr - ok
08:08:28.0493 3908 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
08:08:28.0493 3908 srv - ok
08:08:28.0618 3908 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
08:08:28.0618 3908 srv2 - ok
08:08:28.0743 3908 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
08:08:28.0758 3908 srvnet - ok
08:08:28.0867 3908 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
08:08:28.0867 3908 sscdbus - ok
08:08:28.0945 3908 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
08:08:28.0945 3908 StillCam - ok
08:08:28.0977 3908 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
08:08:28.0977 3908 swenum - ok
08:08:29.0055 3908 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
08:08:29.0055 3908 Symc8xx - ok
08:08:29.0148 3908 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
08:08:29.0179 3908 Sym_hi - ok
08:08:29.0491 3908 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
08:08:29.0507 3908 Sym_u3 - ok
08:08:29.0725 3908 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
08:08:29.0741 3908 Tcpip - ok
08:08:30.0022 3908 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
08:08:30.0022 3908 Tcpip6 - ok
08:08:30.0178 3908 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
08:08:30.0178 3908 tcpipreg - ok
08:08:30.0287 3908 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
08:08:30.0287 3908 TDPIPE - ok
08:08:30.0303 3908 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
08:08:30.0303 3908 TDTCP - ok
08:08:30.0365 3908 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
08:08:30.0365 3908 tdx - ok
08:08:30.0412 3908 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
08:08:30.0412 3908 TermDD - ok
08:08:30.0505 3908 TPM (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
08:08:30.0505 3908 TPM - ok
08:08:30.0583 3908 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:08:30.0583 3908 tssecsrv - ok
08:08:30.0615 3908 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
08:08:30.0615 3908 tunmp - ok
08:08:30.0724 3908 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
08:08:30.0739 3908 tunnel - ok
08:08:30.0864 3908 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
08:08:30.0864 3908 uagp35 - ok
08:08:30.0895 3908 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
08:08:30.0895 3908 udfs - ok
08:08:30.0942 3908 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
08:08:30.0942 3908 uliagpkx - ok
08:08:30.0958 3908 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
08:08:30.0958 3908 uliahci - ok
08:08:30.0973 3908 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
08:08:30.0973 3908 UlSata - ok
08:08:31.0067 3908 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
08:08:31.0067 3908 ulsata2 - ok
08:08:31.0083 3908 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
08:08:31.0083 3908 umbus - ok
08:08:31.0317 3908 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
08:08:31.0317 3908 usbaudio - ok
08:08:31.0379 3908 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
08:08:31.0395 3908 usbccgp - ok
08:08:31.0426 3908 USBCCID (32c068eaf37c92d7194eee1faa1e7853) C:\Windows\system32\DRIVERS\usbccid.sys
08:08:31.0441 3908 USBCCID - ok
08:08:31.0504 3908 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
08:08:31.0504 3908 usbcir - ok
08:08:31.0566 3908 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
08:08:31.0582 3908 usbehci - ok
08:08:31.0675 3908 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
08:08:31.0675 3908 usbhub - ok
08:08:31.0707 3908 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
08:08:31.0707 3908 usbohci - ok
08:08:31.0800 3908 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
08:08:31.0800 3908 usbprint - ok
08:08:31.0831 3908 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
08:08:31.0831 3908 usbscan - ok
08:08:31.0878 3908 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:08:31.0894 3908 USBSTOR - ok
08:08:31.0956 3908 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
08:08:31.0956 3908 usbuhci - ok
08:08:32.0019 3908 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
08:08:32.0019 3908 vga - ok
08:08:32.0081 3908 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
08:08:32.0081 3908 VgaSave - ok
08:08:32.0128 3908 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
08:08:32.0143 3908 viaagp - ok
08:08:32.0159 3908 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
08:08:32.0159 3908 ViaC7 - ok
08:08:32.0237 3908 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
08:08:32.0237 3908 viaide - ok
08:08:32.0268 3908 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
08:08:32.0268 3908 volmgr - ok
08:08:32.0315 3908 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
08:08:32.0315 3908 volmgrx - ok
08:08:32.0409 3908 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
08:08:32.0409 3908 volsnap - ok
08:08:32.0502 3908 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
08:08:32.0518 3908 vsmraid - ok
08:08:32.0596 3908 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
08:08:32.0596 3908 WacomPen - ok
08:08:32.0627 3908 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
08:08:32.0627 3908 Wanarp - ok
08:08:32.0643 3908 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
08:08:32.0643 3908 Wanarpv6 - ok
08:08:32.0674 3908 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
08:08:32.0674 3908 Wd - ok
08:08:32.0799 3908 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
08:08:32.0814 3908 Wdf01000 - ok
08:08:32.0877 3908 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
08:08:32.0877 3908 WimFltr - ok
08:08:32.0939 3908 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
08:08:32.0939 3908 WmiAcpi - ok
08:08:33.0033 3908 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
08:08:33.0048 3908 WpdUsb - ok
08:08:33.0095 3908 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
08:08:33.0095 3908 ws2ifsl - ok
08:08:33.0157 3908 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:08:33.0173 3908 WUDFRd - ok
08:08:33.0204 3908 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
08:08:33.0220 3908 \Device\Harddisk0\DR0 - ok
08:08:33.0220 3908 Boot (0x1200) (62d5f4b1c3f36db5c609042b97200095) \Device\Harddisk0\DR0\Partition0
08:08:33.0220 3908 \Device\Harddisk0\DR0\Partition0 - ok
08:08:33.0251 3908 Boot (0x1200) (ab711ea1d62df31a355fd44588ba4883) \Device\Harddisk0\DR0\Partition1
08:08:33.0251 3908 \Device\Harddisk0\DR0\Partition1 - ok
08:08:33.0298 3908 Boot (0x1200) (db6b2cf5e222e58e7163cf32358c1e74) \Device\Harddisk0\DR0\Partition2
08:08:33.0329 3908 \Device\Harddisk0\DR0\Partition2 - ok
08:08:33.0329 3908 ============================================================
08:08:33.0329 3908 Scan finished
08:08:33.0329 3908 ============================================================
08:08:33.0345 3900 Detected object count: 0
08:08:33.0345 3900 Actual detected object count: 0
  • 0

#48
Kristi2565

Ran aswMBR. Did not have an option to change a-v scan to none. Fix button NOT enabled after scan. Saved output to flash drive.

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-22 09:06:12
-----------------------------
09:06:12.075 OS Version: Windows 6.0.6002 Service Pack 2
09:06:12.075 Number of processors: 2 586 0x6B02
09:06:12.075 ComputerName: TRP-FEB09 UserName: rhizogen
09:06:12.403 Initialze error 0
09:06:57.619 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:06:57.619 Disk 0 Vendor: Hitachi_HDP725016GLA380 GMBOA5KA Size: 152627MB BusType: 3
09:06:59.647 Disk 0 MBR read successfully
09:06:59.647 Disk 0 MBR scan
09:06:59.647 Disk 0 Windows VISTA default MBR code
09:06:59.678 Disk 0 scanning sectors +312578048
09:06:59.740 Disk 0 scanning C:\Windows\system32\drivers
09:06:59.740 Service scanning
09:07:00.770 Modules scanning
09:07:01.160 Scan finished successfully
09:07:59.625 Disk 0 MBR has been saved successfully to "G:\MBR.dat"
09:07:59.656 The log file has been saved successfully to "G:\aswMBR.txt"
  • 0

#49
Kristi2565

I noticed last night that Malwarebytes had updated successfully so I ran from desktop. No malicious items were detected.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122104

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421

12/22/2011 9:28:05 AM
mbam-log-2011-12-22 (09-28-05).txt

Scan type: Quick scan
Objects scanned: 164323
Time elapsed: 2 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#50
RKinner

Malware Expert
In IE, Files, uncheck Work Offline. Restart IE and test. If still no good:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, (Tools or the Firefox button), Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK. Restart Chrome and test.

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:

sc  query  afd
sc  query  dhcp
Does it say afd is running?
Does it say dhcp is running?

ipconfig

(Does it work? What IP address and gateway do you get?)

nslookup  att.com

Do you get something like this:


Non-authoritative answer:
Name: att.com
Addresses: 144.160.155.43
144.160.36.42

ipconfig /flushdns

netsh  winsock  reset catalog

netsh  int ip  reset  reset.log

Reboot and try it now. Any luck?
  • 0

#51
Kristi2565

Does it say afd is running? YES
Does it say dhcp is running? YES

ipconfig screenshot

Attached Thumbnails

  • ipconfig screenshot .jpg

  • 0

#52
RKinner

That's odd. No default gateway and such a high IP address. If you manually put in the 192.168.168.62 then you need to put in the gateway which is usually going to be 192.168.168.1. Otherwise:

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:


ipconfig  /release

ipconfig  /renew

ipconfig

Does it show a default gateway now or did you get an error from the ipconfig /release or /renew commands?
  • 0

#53
Kristi2565

ipconfig / release screenshot

Attached Thumbnails

  • ipconfig release.jpg

  • 0

#54
Kristi2565

ipconfig/renew screenshot

Attached Thumbnails

  • ipconfig renew.jpg

  • 0

#55
Kristi2565

ipconfig screenshot

Attached Thumbnails

  • ipconfig.jpg

  • 0



#56
RKinner

Try it again but do not leave a space after the / (there should only be a space before the slash)
  • 0

#57
Kristi2565

trying it now
  • 0

#58
Kristi2565

Release renew ipconfig screenshot

Attached Thumbnails

  • release renew ipconfig.jpg

  • 0

#59
RKinner

Appears that you do not have it set up to get an IP address automatically.

Start, Control Panel, Network and Sharing Center, Change Adapter Settings,
right click on the connection you are trying to use to connect. Select Properties.
Click on Internet Protocol version 4 (TCP/IPv4) and then on Properties.

Click on Obtain an IP Address Automatically. Also Click on Obtain DNS Server Address Automatically.

OK.

Now try the ipconfig /release and ipconfig /renew commands again.
  • 0
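
Added example (not part of any post in this thread): a small Python triage script for the adapter conditions discussed in posts #52 and #59, namely a manually set address with no default gateway. It assumes the text comes from `ipconfig /all` (the thread used plain `ipconfig`, which does not print the DHCP line); the function names and the sample output are constructed for illustration, and the 169.254.x.x check goes beyond what the thread covers.

```python
import re

# Constructed sample of `ipconfig /all` output (not copied from the thread's
# screenshots); only the 192.168.168.62 address comes from the posts above.
SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : EXAMPLE-PC

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 192.168.168.62(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
"""

HEADER = re.compile(r"^(\S.*adapter .+):\s*$")      # unindented "... adapter NAME:"
FIELD = re.compile(r"^\s+(.+?)[ .]*\. :\s*(.*)$")   # "   Key . . . . : value"


def parse_adapters(text):
    """Split ipconfig /all output into {adapter name: {field: value}}."""
    adapters, current = {}, None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = adapters.setdefault(header.group(1), {})
            continue
        field = FIELD.match(line)
        if field and current is not None:   # ignore the global section
            current[field.group(1)] = field.group(2).strip()
    return adapters


def triage(text):
    """Return (adapter, finding) pairs for connected adapters."""
    findings = []
    for name, f in parse_adapters(text).items():
        if f.get("Media State") == "Media disconnected":
            continue  # nothing to diagnose on an unplugged adapter
        # Key is "IPv4 Address" or "Autoconfiguration IPv4 Address"
        ipv4 = next((v.split("(")[0] for k, v in f.items()
                     if k.endswith("IPv4 Address")), "")
        if f.get("DHCP Enabled") == "No":
            findings.append((name, "DHCP disabled: address is set manually"))
        if not f.get("Default Gateway"):
            findings.append((name, "no default gateway"))
        if not f.get("DNS Servers"):
            findings.append((name, "no DNS servers"))
        if ipv4.startswith("169.254."):
            findings.append((name, "APIPA address: DHCP lease failed"))
    return findings
```

Calling `triage(SAMPLE)` reports the three findings for the wired adapter and skips the disconnected wireless one.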





