Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot connect to internet after Microsoft Essential Cleanup

Started by RUSTslash , Dec 22 2011 03:48 PM

  • Please log in to reply

#1
RUSTslash
Posted 22 December 2011 - 03:48 PM

RUSTslash

    Member

  • Member
  • PipPip
  • 19 posts
Hello,

I was doing a scan for malware, etc, using Microsoft Security and it detected and picked up about 6 different issues. After the cleanup I noticed that my PC would not connect to the internet. I'm using a wireless router and a Belkin N Wireless Adapter. Currently, I'm using my wife's laptop (which obviously works fine) and my Xbox all my connect to the internet.

I tried following the instructions on a different post with the similar issue (would not connect, the link here) to try and flush the DNS with no go. I've checked my internet settings and nothing has changed. The wireless adapter picks up my router and has full strength but simply does not connect. I did notice that when I attempt to run /ipconfig the screen pops up for less than a second and exits. Before running MS, I ran ESET and Malwarebytes which found no issues, it was only after I ran MS and cleaned what it found that I began to have problems.

I was wondering if someone could walk me through my PC to see if there's any issues. Since I don't have internet connection on my PC I won't be able to download any specific anti-malware.

Thanks!
  • 0

Advertisements

#2
RKinner
Posted 23 December 2011 - 12:32 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, (Tools or the Firefox button), Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK. Restart and test.

If still no good:

Start, (All) Programs, Accessories, Command Prompt (Vista/Win7 must right click on Command Prompt and Run As Admin.) Type with an Enter after each line

ipconfig

Does it have an IP address, mask , Default Gateway? IF so what are they. If it gives you an error what does it say?

net  start  dhcp

Does it say the service is already running or do you get another error? What error? If you get an error then do the next step:

sc  query  afd

IF you had a default gateway in ipconfig (Say the default gateway was 192.168.0.1) then try to ping it:

ping  192.168.0.1

Do you get replies? IF so:
nslookup  att.com


Do you get:

Non-authoritative answer:
Name: att.com
Addresses: 144.160.36.42
144.160.155.43


Ron
  • 0

#3
RUSTslash
Posted 23 December 2011 - 10:26 AM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Ron,

First, thank you for your time and assistance.

Here are the results to your questions:

1) Followed all instructions on IE, Firefox, and Chrome with no go.

2) After checking "ipconfig" I did not receive an IP address or any of the information a normal working connection would show (it was just blank) and under "Media State" the result was "Media Disconnected"

3) After checking "net start dhcp" I received this result:

system error 1075 has occurred. The dependency service does not exist or has been marked for deletion.


4) After running "sc query afd" I received:
Attached File  sc_queary_afd.bmp   248.55KB   186 downloads

5) I tried pinging the system and received this:
Attached File  ping_192.bmp   209.53KB   143 downloads

6) Entered "nslookup att.com" for kicks and giggles and received:
Attached File  nslookup_att.bmp   120.99KB   132 downloads

I should add that the Belkin N Wireless Adapter that I was using was not showing its solid or blinking blue light to confirm connectivity. I corrected that issue and PC recognizes my security password and even states that it's connected but still no go access to the internet.
  • 0

#4
RKinner
Posted 23 December 2011 - 01:37 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
OK. I got one right and one wrong. We need dhcp to be running in order to get an IP address and it is not running. It won't run unless three other programs are running. AFD is the most common one but this time it appears to be one of the other two:


Start, (All) Programs, Accessories, Command Prompt (Vista/Win7 must right click on Command Prompt and Run As Admin.) Type with an Enter after each line

sc  query  netbt

sc  query  tcpip

See if one of them is not running or does not exist.

We can check if dhcp need anything else:
Start, Run, services.msc, OK then find DHCP and right click and select Properties then click ont he Dependencies tab and it should tell you if it depends on anything else besides afd, NetBT, and TCPIP (which it shouldn't but you never know).
  • 0

#5
RUSTslash
Posted 23 December 2011 - 04:15 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Ran 'sc query netbt' with the following results:

[SC] EnumQueryServicesStatus:OpenService FAILED 1060:
The specified service does not exist as an installed service.



Ran 'sc query tcpip' with the following results:

SERVICE_NAME: tcpip
TYPE :1 KERNEL_DRIVER
STATE :4 RUNNING
(STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE :0 (0X0)
SERVICE_EXIT_CODE :0 (0X0)
CHECKPOINT :0X0
WAIT_HINT :0X0


Checked the dependencies and it's showing AFD and TCP/IP Protocol Driver. No NetBT if that makes any difference.
  • 0

#6
RKinner
Posted 23 December 2011 - 10:20 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I'm assuming you have XP since that what you mention in your profile. If that's not what you have then let me know.

Let's reinstall netbt.

Download the attached netbt.zip and save it to your desktop. Right click on it and Extract All. Right click on netbt.reg and MERGE it into the registry.

Reboot and see if

sc query netbt

now works. Does

sc query dhcp

work?
  • 0

#7
RUSTslash
Posted 24 December 2011 - 09:50 AM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I receive the following message:

Cannot import C:\Documents and Settings\Administrator\Desktop\netbt.reg: Error accessing the registry


  • 0

#8
RKinner
Posted 24 December 2011 - 12:36 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I expect you still have an active infection.

You can try going into regedit and navigate to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT

Click on NetBT then right click and DELETE.

Repeat for

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETBT

(Click on LEGACY_NetBT then right click and DELETE.)

Then try the Merge again.

If it won't let you delete one or both keys then you will need to take ownership of the key(s).

http://www.microsoft...n.mspx?mfr=true

Once you own the key you should be able to delete it (you may have to first change the permissions on it to give yourself Full Control)

If it still won't let you Merge then you will need to run some scans. You will need to download them on a clean computer and copy them via CD or USB drive to the desktop of the sick PC:

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.
  • 0

#9
RUSTslash
Posted 26 December 2011 - 03:01 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I had to run the cleaning programs because it did not let me merge the netbt file. Below are the results to each instruction:

Combofix


ComboFix 11-12-26.02 - Administrator 12/26/2011 14:19:32.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3068.2764 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\netbt.sys was missing
Restored copy from - c:\windows\system32\dllcache\netbt.sys
.
.
((((((((((((((((((((((((( Files Created from 2011-11-26 to 2011-12-26 )))))))))))))))))))))))))))))))
.
.
2011-12-26 20:26 . 2008-04-14 07:00 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2011-12-26 20:26 . 2008-04-14 07:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-12-23 15:25 . 2011-12-23 15:25 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-12-23 15:24 . 2011-12-23 15:24 -------- d-----w- c:\program files\Belkin
2011-12-19 20:49 . 2011-12-19 20:49 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Sun
2011-12-19 19:32 . 2011-12-19 19:32 -------- d-----w- c:\program files\Trixie
2011-12-19 19:30 . 2011-08-31 23:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-19 19:21 . 2011-12-19 19:21 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-27 06:14 . 2011-11-27 06:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\SWTOR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 22:50 . 2011-05-18 03:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-29 00:25 . 2011-09-29 00:26 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-29 00:25 . 2011-01-27 19:42 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-16 14:15 . 2011-09-26 00:27 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 04:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2011-10-01 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-26 458865]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]
"Malwarebytes' Anti-Malware"="c:\program files\Trixie\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Belkin F5D8053 N Wireless USB Adapter Utility.lnk - c:\program files\Belkin\F5D8053\Belkinwcui.exe [2007-9-17 1732608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-08 19:11 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
.
R2 MBAMService;MBAMService;c:\program files\Trixie\mbamservice.exe [12/19/2011 1:32 PM 366152]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [4/7/2010 4:06 PM 241880]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/19/2011 1:30 PM 22216]
S0 cerc6;cerc6; [x]
S1 MpKsl06b810b7;MpKsl06b810b7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AD96908B-848C-4037-9E4A-F7D85E8A715D}\MpKsl06b810b7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AD96908B-848C-4037-9E4A-F7D85E8A715D}\MpKsl06b810b7.sys [?]
S1 MpKsl1ac66141;MpKsl1ac66141;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15E08F71-9E2C-4CBB-BA4B-3D13581724C5}\MpKsl1ac66141.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15E08F71-9E2C-4CBB-BA4B-3D13581724C5}\MpKsl1ac66141.sys [?]
S1 MpKsl2bffa4f3;MpKsl2bffa4f3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D76687A8-2DD4-410D-80B3-C8A235CF9676}\MpKsl2bffa4f3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D76687A8-2DD4-410D-80B3-C8A235CF9676}\MpKsl2bffa4f3.sys [?]
S1 MpKsl3dd639ab;MpKsl3dd639ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3F9DE416-C5C0-4F39-98FE-7F33C212DF26}\MpKsl3dd639ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3F9DE416-C5C0-4F39-98FE-7F33C212DF26}\MpKsl3dd639ab.sys [?]
S1 MpKsl3ee6b27e;MpKsl3ee6b27e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A7E14D46-6847-4AB2-A92F-807E6098A183}\MpKsl3ee6b27e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A7E14D46-6847-4AB2-A92F-807E6098A183}\MpKsl3ee6b27e.sys [?]
S1 MpKsl42c55817;MpKsl42c55817;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{81B9A58F-B028-40F9-A332-950FC3CFE404}\MpKsl42c55817.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{81B9A58F-B028-40F9-A332-950FC3CFE404}\MpKsl42c55817.sys [?]
S1 MpKsl4f969476;MpKsl4f969476;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50A89A6B-0244-42DD-8124-C3897BBD0D31}\MpKsl4f969476.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50A89A6B-0244-42DD-8124-C3897BBD0D31}\MpKsl4f969476.sys [?]
S1 MpKsl53b0eed7;MpKsl53b0eed7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15E08F71-9E2C-4CBB-BA4B-3D13581724C5}\MpKsl53b0eed7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15E08F71-9E2C-4CBB-BA4B-3D13581724C5}\MpKsl53b0eed7.sys [?]
S1 MpKsl5ba1b3be;MpKsl5ba1b3be;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4ED82AD8-71A1-491F-9D4A-CDC659B4F0DF}\MpKsl5ba1b3be.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4ED82AD8-71A1-491F-9D4A-CDC659B4F0DF}\MpKsl5ba1b3be.sys [?]
S1 MpKsl63898193;MpKsl63898193;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CD418109-5F0E-4413-B106-51E225B31150}\MpKsl63898193.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CD418109-5F0E-4413-B106-51E225B31150}\MpKsl63898193.sys [?]
S1 MpKsl76c2176a;MpKsl76c2176a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{51C380B9-1139-4B35-995E-08D2C7B2549D}\MpKsl76c2176a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{51C380B9-1139-4B35-995E-08D2C7B2549D}\MpKsl76c2176a.sys [?]
S1 MpKsl8773eb8e;MpKsl8773eb8e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CD418109-5F0E-4413-B106-51E225B31150}\MpKsl8773eb8e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CD418109-5F0E-4413-B106-51E225B31150}\MpKsl8773eb8e.sys [?]
S1 MpKsl935305f2;MpKsl935305f2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{59AF50C3-3217-4AA4-BC69-25665B0320E4}\MpKsl935305f2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{59AF50C3-3217-4AA4-BC69-25665B0320E4}\MpKsl935305f2.sys [?]
S1 MpKsl9597717e;MpKsl9597717e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50A89A6B-0244-42DD-8124-C3897BBD0D31}\MpKsl9597717e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50A89A6B-0244-42DD-8124-C3897BBD0D31}\MpKsl9597717e.sys [?]
S1 MpKslb4ee7440;MpKslb4ee7440;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8588E8D6-820C-405E-A982-5E6F66E4E9B1}\MpKslb4ee7440.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8588E8D6-820C-405E-A982-5E6F66E4E9B1}\MpKslb4ee7440.sys [?]
S1 MpKslbf532416;MpKslbf532416;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D95AC20E-A1AD-49CE-93FA-59D855FC4C3D}\MpKslbf532416.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D95AC20E-A1AD-49CE-93FA-59D855FC4C3D}\MpKslbf532416.sys [?]
S1 MpKsldb37e6d8;MpKsldb37e6d8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8588E8D6-820C-405E-A982-5E6F66E4E9B1}\MpKsldb37e6d8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8588E8D6-820C-405E-A982-5E6F66E4E9B1}\MpKsldb37e6d8.sys [?]
S1 MpKsle513fdeb;MpKsle513fdeb;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8128BD5-3111-4206-9ADB-407C1D48FC9E}\MpKsle513fdeb.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F8128BD5-3111-4206-9ADB-407C1D48FC9E}\MpKsle513fdeb.sys [?]
S1 MpKsle6f6e2b0;MpKsle6f6e2b0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AD96908B-848C-4037-9E4A-F7D85E8A715D}\MpKsle6f6e2b0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AD96908B-848C-4037-9E4A-F7D85E8A715D}\MpKsle6f6e2b0.sys [?]
S1 MpKsleb177773;MpKsleb177773;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A1437ABD-F1B5-4D21-9307-598510AD523B}\MpKsleb177773.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A1437ABD-F1B5-4D21-9307-598510AD523B}\MpKsleb177773.sys [?]
S1 MpKslf433ae2d;MpKslf433ae2d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D95AC20E-A1AD-49CE-93FA-59D855FC4C3D}\MpKslf433ae2d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D95AC20E-A1AD-49CE-93FA-59D855FC4C3D}\MpKslf433ae2d.sys [?]
S1 MpKslfde536e0;MpKslfde536e0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D76687A8-2DD4-410D-80B3-C8A235CF9676}\MpKslfde536e0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D76687A8-2DD4-410D-80B3-C8A235CF9676}\MpKslfde536e0.sys [?]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1957994488-1606980848-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-13 20:54]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1957994488-1606980848-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-13 20:54]
.
2011-12-26 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-29 04:44]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wm26d1rp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke Bar Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - prefs.js: network.proxy.type - 0
FF - user.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=corsairzwbho&keywords=
FF - user.js: keyword.enabled - 1
.
.
------- File Associations -------
.
exefile="c:\documents and settings\NetworkService\Local Settings\Application Data\mjb.exe" -a "%1" %*
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-26 14:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1177238915-1957994488-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6f,bf,48,94,86,3c,0d,4d,9e,35,0c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3c,96,36,0b,ba,90,a5,4c,88,a7,f6,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6f,bf,48,94,86,3c,0d,4d,9e,35,0c,\
.
[HKEY_USERS\S-1-5-21-1177238915-1957994488-1606980848-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:56,9f,58,1f,ae,42,c6,cf,9d,d5,3b,23,e3,c7,29,03,52,ea,4e,2a,22,f9,3a,
45,a4,73,fd,9e,5e,7d,49,fe,2c,2d,76,ca,47,5a,79,96,f8,73,1c,94,33,bf,f3,7d,\
"??"=hex:2a,6f,c1,59,11,da,5e,27,00,47,ac,c1,e7,b6,39,d0
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6f,bf,48,94,86,3c,0d,4d,9e,35,0c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6f,bf,48,94,86,3c,0d,4d,9e,35,0c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2460)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-12-26 14:31:59 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-26 20:31
ComboFix2.txt 2011-12-19 21:25
.
Pre-Run: 6,311,620,608 bytes free
Post-Run: 6,315,376,640 bytes free
.
- - End Of File - - BA85DB96E084CC4783F6B477989A9AC5

TDSSKiller w/o change parameters

14:39:01.0078 2600 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:39:01.0125 2600 ============================================================
14:39:01.0125 2600 Current date / time: 2011/12/26 14:39:01.0125
14:39:01.0125 2600 SystemInfo:
14:39:01.0125 2600
14:39:01.0125 2600 OS Version: 5.1.2600 ServicePack: 3.0
14:39:01.0125 2600 Product type: Workstation
14:39:01.0125 2600 ComputerName: GABE-PC
14:39:01.0125 2600 UserName: Administrator
14:39:01.0125 2600 Windows directory: C:\WINDOWS
14:39:01.0125 2600 System windows directory: C:\WINDOWS
14:39:01.0125 2600 Processor architecture: Intel x86
14:39:01.0125 2600 Number of processors: 2
14:39:01.0125 2600 Page size: 0x1000
14:39:01.0125 2600 Boot type: Normal boot
14:39:01.0125 2600 ============================================================
14:39:02.0984 2600 Initialize success
14:39:29.0484 3136 ============================================================
14:39:29.0484 3136 Scan started
14:39:29.0484 3136 Mode: Manual;
14:39:29.0484 3136 ============================================================
14:39:29.0781 3136 Abiosdsk - ok
14:39:29.0796 3136 abp480n5 - ok
14:39:29.0875 3136 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:39:29.0875 3136 ACPI - ok
14:39:29.0953 3136 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:39:29.0953 3136 ACPIEC - ok
14:39:29.0968 3136 adpu160m - ok
14:39:30.0031 3136 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:39:30.0046 3136 aec - ok
14:39:30.0109 3136 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
14:39:30.0109 3136 AegisP - ok
14:39:30.0187 3136 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
14:39:30.0203 3136 AFD - ok
14:39:30.0234 3136 Aha154x - ok
14:39:30.0265 3136 aic78u2 - ok
14:39:30.0281 3136 aic78xx - ok
14:39:30.0296 3136 AliIde - ok
14:39:30.0312 3136 amsint - ok
14:39:30.0375 3136 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:39:30.0375 3136 Arp1394 - ok
14:39:30.0390 3136 asc - ok
14:39:30.0406 3136 asc3350p - ok
14:39:30.0421 3136 asc3550 - ok
14:39:30.0453 3136 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:39:30.0453 3136 AsyncMac - ok
14:39:30.0562 3136 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:39:30.0562 3136 atapi - ok
14:39:30.0562 3136 Atdisk - ok
14:39:30.0593 3136 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:39:30.0593 3136 Atmarpc - ok
14:39:30.0640 3136 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:39:30.0640 3136 audstub - ok
14:39:30.0687 3136 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:39:30.0687 3136 Beep - ok
14:39:30.0687 3136 catchme - ok
14:39:30.0718 3136 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:39:30.0718 3136 cbidf2k - ok
14:39:30.0734 3136 cd20xrnt - ok
14:39:30.0750 3136 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:39:30.0750 3136 Cdaudio - ok
14:39:30.0796 3136 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:39:30.0796 3136 Cdfs - ok
14:39:30.0875 3136 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:39:30.0875 3136 Cdrom - ok
14:39:30.0906 3136 cerc6 - ok
14:39:30.0921 3136 Changer - ok
14:39:30.0953 3136 CmdIde - ok
14:39:30.0984 3136 Cpqarray - ok
14:39:31.0000 3136 dac2w2k - ok
14:39:31.0015 3136 dac960nt - ok
14:39:31.0046 3136 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:39:31.0046 3136 Disk - ok
14:39:31.0093 3136 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:39:31.0125 3136 dmboot - ok
14:39:31.0156 3136 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:39:31.0171 3136 dmio - ok
14:39:31.0187 3136 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:39:31.0187 3136 dmload - ok
14:39:31.0250 3136 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:39:31.0265 3136 DMusic - ok
14:39:31.0281 3136 dpti2o - ok
14:39:31.0343 3136 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:39:31.0343 3136 drmkaud - ok
14:39:31.0390 3136 e1yexpress (5854c5f63de7a432333b556aaf25ac30) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
14:39:31.0390 3136 e1yexpress - ok
14:39:31.0484 3136 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:39:31.0546 3136 Fastfat - ok
14:39:31.0562 3136 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:39:31.0562 3136 Fdc - ok
14:39:31.0578 3136 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:39:31.0578 3136 Fips - ok
14:39:31.0593 3136 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:39:31.0593 3136 Flpydisk - ok
14:39:31.0671 3136 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:39:31.0671 3136 FltMgr - ok
14:39:31.0687 3136 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:39:31.0687 3136 Fs_Rec - ok
14:39:31.0703 3136 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:39:31.0703 3136 Ftdisk - ok
14:39:31.0718 3136 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:39:31.0718 3136 Gpc - ok
14:39:31.0765 3136 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:39:31.0765 3136 HDAudBus - ok
14:39:31.0843 3136 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:39:31.0843 3136 hidusb - ok
14:39:31.0875 3136 hpn - ok
14:39:31.0953 3136 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:39:31.0953 3136 HTTP - ok
14:39:31.0968 3136 i2omgmt - ok
14:39:31.0984 3136 i2omp - ok
14:39:32.0015 3136 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
14:39:32.0015 3136 i8042prt - ok
14:39:32.0062 3136 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:39:32.0062 3136 Imapi - ok
14:39:32.0125 3136 ini910u - ok
14:39:32.0156 3136 IntelIde - ok
14:39:32.0187 3136 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:39:32.0187 3136 intelppm - ok
14:39:32.0218 3136 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:39:32.0218 3136 Ip6Fw - ok
14:39:32.0281 3136 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:39:32.0281 3136 IpFilterDriver - ok
14:39:32.0312 3136 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:39:32.0312 3136 IpInIp - ok
14:39:32.0328 3136 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:39:32.0343 3136 IpNat - ok
14:39:32.0359 3136 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:39:32.0359 3136 IPSec - ok
14:39:32.0421 3136 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:39:32.0421 3136 IRENUM - ok
14:39:32.0500 3136 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:39:32.0500 3136 isapnp - ok
14:39:32.0609 3136 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:39:32.0609 3136 Kbdclass - ok
14:39:32.0656 3136 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:39:32.0671 3136 kbdhid - ok
14:39:32.0750 3136 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:39:32.0765 3136 kmixer - ok
14:39:32.0828 3136 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:39:32.0828 3136 KSecDD - ok
14:39:32.0843 3136 lbrtfdc - ok
14:39:32.0890 3136 LMIInfo - ok
14:39:32.0921 3136 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
14:39:32.0921 3136 lmimirr - ok
14:39:32.0937 3136 LMIRfsClientNP - ok
14:39:33.0015 3136 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
14:39:33.0015 3136 LMIRfsDriver - ok
14:39:33.0078 3136 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:39:33.0078 3136 mnmdd - ok
14:39:33.0156 3136 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:39:33.0156 3136 Modem - ok
14:39:33.0218 3136 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:39:33.0218 3136 Mouclass - ok
14:39:33.0281 3136 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:39:33.0281 3136 mouhid - ok
14:39:33.0296 3136 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:39:33.0296 3136 MountMgr - ok
14:39:33.0406 3136 MpKsl06b810b7 - ok
14:39:33.0406 3136 MpKsl1ac66141 - ok
14:39:33.0406 3136 MpKsl2bffa4f3 - ok
14:39:33.0421 3136 MpKsl3dd639ab - ok
14:39:33.0421 3136 MpKsl3ee6b27e - ok
14:39:33.0421 3136 MpKsl42c55817 - ok
14:39:33.0421 3136 MpKsl4f969476 - ok
14:39:33.0437 3136 MpKsl53b0eed7 - ok
14:39:33.0437 3136 MpKsl5ba1b3be - ok
14:39:33.0437 3136 MpKsl63898193 - ok
14:39:33.0437 3136 MpKsl76c2176a - ok
14:39:33.0437 3136 MpKsl8773eb8e - ok
14:39:33.0453 3136 MpKsl935305f2 - ok
14:39:33.0453 3136 MpKsl9597717e - ok
14:39:33.0453 3136 MpKslb4ee7440 - ok
14:39:33.0453 3136 MpKslbf532416 - ok
14:39:33.0468 3136 MpKsldb37e6d8 - ok
14:39:33.0468 3136 MpKsle513fdeb - ok
14:39:33.0468 3136 MpKsle6f6e2b0 - ok
14:39:33.0468 3136 MpKsleb177773 - ok
14:39:33.0484 3136 MpKslf433ae2d - ok
14:39:33.0484 3136 MpKslfde536e0 - ok
14:39:33.0546 3136 mraid35x - ok
14:39:33.0609 3136 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:39:33.0625 3136 MRxDAV - ok
14:39:33.0687 3136 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:39:33.0703 3136 MRxSmb - ok
14:39:33.0718 3136 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:39:33.0718 3136 Msfs - ok
14:39:33.0796 3136 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:39:33.0796 3136 MSKSSRV - ok
14:39:33.0812 3136 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:39:33.0812 3136 MSPCLOCK - ok
14:39:33.0828 3136 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:39:33.0828 3136 MSPQM - ok
14:39:33.0890 3136 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:39:33.0890 3136 mssmbios - ok
14:39:33.0921 3136 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
14:39:33.0921 3136 Mup - ok
14:39:33.0937 3136 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:39:33.0953 3136 NDIS - ok
14:39:33.0984 3136 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:39:33.0984 3136 NdisTapi - ok
14:39:34.0078 3136 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:39:34.0078 3136 Ndisuio - ok
14:39:34.0156 3136 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:39:34.0156 3136 NdisWan - ok
14:39:34.0187 3136 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:39:34.0203 3136 NDProxy - ok
14:39:34.0234 3136 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:39:34.0234 3136 NetBIOS - ok
14:39:34.0296 3136 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:39:34.0312 3136 NetBT - ok
14:39:34.0437 3136 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:39:34.0437 3136 NIC1394 - ok
14:39:34.0484 3136 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:39:34.0484 3136 Npfs - ok
14:39:34.0546 3136 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:39:34.0562 3136 Ntfs - ok
14:39:34.0593 3136 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:39:34.0593 3136 Null - ok
14:39:34.0953 3136 nv (f1de35c89d98a883d1b4030dc9896855) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:39:35.0250 3136 nv - ok
14:39:35.0375 3136 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:39:35.0375 3136 NwlnkFlt - ok
14:39:35.0406 3136 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:39:35.0406 3136 NwlnkFwd - ok
14:39:35.0484 3136 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:39:35.0484 3136 ohci1394 - ok
14:39:35.0593 3136 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
14:39:35.0593 3136 Parport - ok
14:39:35.0625 3136 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:39:35.0625 3136 PartMgr - ok
14:39:35.0640 3136 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:39:35.0640 3136 ParVdm - ok
14:39:35.0718 3136 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:39:35.0718 3136 PCI - ok
14:39:35.0765 3136 PCIDump - ok
14:39:35.0796 3136 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:39:35.0796 3136 PCIIde - ok
14:39:35.0875 3136 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:39:35.0875 3136 Pcmcia - ok
14:39:35.0890 3136 PDCOMP - ok
14:39:35.0906 3136 PDFRAME - ok
14:39:35.0921 3136 PDRELI - ok
14:39:35.0937 3136 PDRFRAME - ok
14:39:35.0953 3136 perc2 - ok
14:39:35.0968 3136 perc2hib - ok
14:39:36.0062 3136 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:39:36.0062 3136 PptpMiniport - ok
14:39:36.0078 3136 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:39:36.0078 3136 PSched - ok
14:39:36.0093 3136 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:39:36.0093 3136 Ptilink - ok
14:39:36.0140 3136 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:39:36.0140 3136 PxHelp20 - ok
14:39:36.0171 3136 ql1080 - ok
14:39:36.0187 3136 Ql10wnt - ok
14:39:36.0203 3136 ql12160 - ok
14:39:36.0218 3136 ql1240 - ok
14:39:36.0234 3136 ql1280 - ok
14:39:36.0250 3136 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:39:36.0250 3136 RasAcd - ok
14:39:36.0328 3136 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:39:36.0328 3136 Rasl2tp - ok
14:39:36.0343 3136 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:39:36.0343 3136 RasPppoe - ok
14:39:36.0359 3136 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:39:36.0359 3136 Raspti - ok
14:39:36.0390 3136 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:39:36.0406 3136 Rdbss - ok
14:39:36.0421 3136 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:39:36.0421 3136 RDPCDD - ok
14:39:36.0453 3136 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:39:36.0468 3136 rdpdr - ok
14:39:36.0531 3136 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
14:39:36.0531 3136 RDPWD - ok
14:39:36.0562 3136 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:39:36.0562 3136 redbook - ok
14:39:36.0640 3136 rt2870 (c2a6f7f35e617744a65dbfb0c0a64adc) C:\WINDOWS\system32\DRIVERS\rt2870.sys
14:39:36.0656 3136 rt2870 - ok
14:39:36.0734 3136 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:39:36.0734 3136 Secdrv - ok
14:39:36.0765 3136 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:39:36.0781 3136 serenum - ok
14:39:36.0828 3136 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:39:36.0828 3136 Serial - ok
14:39:36.0843 3136 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:39:36.0843 3136 Sfloppy - ok
14:39:36.0859 3136 Simbad - ok
14:39:36.0875 3136 Sparrow - ok
14:39:36.0937 3136 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:39:36.0937 3136 splitter - ok
14:39:37.0000 3136 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:39:37.0000 3136 sr - ok
14:39:37.0046 3136 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:39:37.0078 3136 Srv - ok
14:39:37.0187 3136 STHDA (0ffda1cb46a4be1fcdd8de6e3ced5b50) C:\WINDOWS\system32\drivers\sthda.sys
14:39:37.0203 3136 STHDA - ok
14:39:37.0234 3136 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:39:37.0234 3136 swenum - ok
14:39:37.0296 3136 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:39:37.0296 3136 swmidi - ok
14:39:37.0312 3136 symc810 - ok
14:39:37.0328 3136 symc8xx - ok
14:39:37.0343 3136 sym_hi - ok
14:39:37.0359 3136 sym_u3 - ok
14:39:37.0390 3136 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:39:37.0390 3136 sysaudio - ok
14:39:37.0453 3136 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:39:37.0500 3136 Tcpip - ok
14:39:37.0562 3136 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:39:37.0562 3136 TDPIPE - ok
14:39:37.0593 3136 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:39:37.0593 3136 TDTCP - ok
14:39:37.0656 3136 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:39:37.0671 3136 TermDD - ok
14:39:37.0703 3136 TosIde - ok
14:39:37.0796 3136 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:39:37.0812 3136 Udfs - ok
14:39:37.0828 3136 ultra - ok
14:39:37.0859 3136 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:39:37.0875 3136 Update - ok
14:39:37.0953 3136 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
14:39:37.0953 3136 usbaudio - ok
14:39:38.0031 3136 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:39:38.0031 3136 usbccgp - ok
14:39:38.0062 3136 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:39:38.0062 3136 usbehci - ok
14:39:38.0109 3136 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:39:38.0109 3136 usbhub - ok
14:39:38.0156 3136 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:39:38.0156 3136 usbprint - ok
14:39:38.0171 3136 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:39:38.0171 3136 usbscan - ok
14:39:38.0234 3136 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:39:38.0234 3136 USBSTOR - ok
14:39:38.0250 3136 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:39:38.0265 3136 usbuhci - ok
14:39:38.0296 3136 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:39:38.0296 3136 VgaSave - ok
14:39:38.0328 3136 ViaIde - ok
14:39:38.0359 3136 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:39:38.0359 3136 VolSnap - ok
14:39:38.0375 3136 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:39:38.0375 3136 Wanarp - ok
14:39:38.0421 3136 WDICA - ok
14:39:38.0515 3136 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:39:38.0515 3136 wdmaud - ok
14:39:38.0546 3136 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:39:38.0687 3136 \Device\Harddisk0\DR0 - ok
14:39:38.0734 3136 MBR (0x1B8) (4c174fe99672b3a91fda305d2eb1efed) \Device\Harddisk1\DR2
14:39:38.0921 3136 \Device\Harddisk1\DR2 - ok
14:39:38.0937 3136 Boot (0x1200) (0b302d5c86158cd12a52024f8d5b7df2) \Device\Harddisk0\DR0\Partition0
14:39:38.0937 3136 \Device\Harddisk0\DR0\Partition0 - ok
14:39:38.0937 3136 Boot (0x1200) (e40b1ee070e0531d51740b88a6feb5ab) \Device\Harddisk1\DR2\Partition0
14:39:38.0953 3136 \Device\Harddisk1\DR2\Partition0 - ok
14:39:38.0953 3136 ============================================================
14:39:38.0953 3136 Scan finished
14:39:38.0953 3136 ============================================================
14:39:38.0953 3128 Detected object count: 0
14:39:38.0953 3128 Actual detected object count: 0

TDSSKiller w/ change parameters


14:39:01.0078 2600 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:39:01.0125 2600 ============================================================
14:39:01.0125 2600 Current date / time: 2011/12/26 14:39:01.0125
14:39:01.0125 2600 SystemInfo:
14:39:01.0125 2600
14:39:01.0125 2600 OS Version: 5.1.2600 ServicePack: 3.0
14:39:01.0125 2600 Product type: Workstation
14:39:01.0125 2600 ComputerName: GABE-PC
14:39:01.0125 2600 UserName: Administrator
14:39:01.0125 2600 Windows directory: C:\WINDOWS
14:39:01.0125 2600 System windows directory: C:\WINDOWS
14:39:01.0125 2600 Processor architecture: Intel x86
14:39:01.0125 2600 Number of processors: 2
14:39:01.0125 2600 Page size: 0x1000
14:39:01.0125 2600 Boot type: Normal boot
14:39:01.0125 2600 ============================================================
14:39:02.0984 2600 Initialize success
14:39:29.0484 3136 ============================================================
14:39:29.0484 3136 Scan started
14:39:29.0484 3136 Mode: Manual;
14:39:29.0484 3136 ============================================================
14:39:29.0781 3136 Abiosdsk - ok
14:39:29.0796 3136 abp480n5 - ok
14:39:29.0875 3136 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:39:29.0875 3136 ACPI - ok
14:39:29.0953 3136 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:39:29.0953 3136 ACPIEC - ok
14:39:29.0968 3136 adpu160m - ok
14:39:30.0031 3136 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:39:30.0046 3136 aec - ok
14:39:30.0109 3136 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
14:39:30.0109 3136 AegisP - ok
14:39:30.0187 3136 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
14:39:30.0203 3136 AFD - ok
14:39:30.0234 3136 Aha154x - ok
14:39:30.0265 3136 aic78u2 - ok
14:39:30.0281 3136 aic78xx - ok
14:39:30.0296 3136 AliIde - ok
14:39:30.0312 3136 amsint - ok
14:39:30.0375 3136 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:39:30.0375 3136 Arp1394 - ok
14:39:30.0390 3136 asc - ok
14:39:30.0406 3136 asc3350p - ok
14:39:30.0421 3136 asc3550 - ok
14:39:30.0453 3136 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:39:30.0453 3136 AsyncMac - ok
14:39:30.0562 3136 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:39:30.0562 3136 atapi - ok
14:39:30.0562 3136 Atdisk - ok
14:39:30.0593 3136 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:39:30.0593 3136 Atmarpc - ok
14:39:30.0640 3136 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:39:30.0640 3136 audstub - ok
14:39:30.0687 3136 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:39:30.0687 3136 Beep - ok
14:39:30.0687 3136 catchme - ok
14:39:30.0718 3136 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:39:30.0718 3136 cbidf2k - ok
14:39:30.0734 3136 cd20xrnt - ok
14:39:30.0750 3136 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:39:30.0750 3136 Cdaudio - ok
14:39:30.0796 3136 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:39:30.0796 3136 Cdfs - ok
14:39:30.0875 3136 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:39:30.0875 3136 Cdrom - ok
14:39:30.0906 3136 cerc6 - ok
14:39:30.0921 3136 Changer - ok
14:39:30.0953 3136 CmdIde - ok
14:39:30.0984 3136 Cpqarray - ok
14:39:31.0000 3136 dac2w2k - ok
14:39:31.0015 3136 dac960nt - ok
14:39:31.0046 3136 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:39:31.0046 3136 Disk - ok
14:39:31.0093 3136 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:39:31.0125 3136 dmboot - ok
14:39:31.0156 3136 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:39:31.0171 3136 dmio - ok
14:39:31.0187 3136 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:39:31.0187 3136 dmload - ok
14:39:31.0250 3136 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:39:31.0265 3136 DMusic - ok
14:39:31.0281 3136 dpti2o - ok
14:39:31.0343 3136 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:39:31.0343 3136 drmkaud - ok
14:39:31.0390 3136 e1yexpress (5854c5f63de7a432333b556aaf25ac30) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
14:39:31.0390 3136 e1yexpress - ok
14:39:31.0484 3136 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:39:31.0546 3136 Fastfat - ok
14:39:31.0562 3136 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:39:31.0562 3136 Fdc - ok
14:39:31.0578 3136 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:39:31.0578 3136 Fips - ok
14:39:31.0593 3136 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:39:31.0593 3136 Flpydisk - ok
14:39:31.0671 3136 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:39:31.0671 3136 FltMgr - ok
14:39:31.0687 3136 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:39:31.0687 3136 Fs_Rec - ok
14:39:31.0703 3136 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:39:31.0703 3136 Ftdisk - ok
14:39:31.0718 3136 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:39:31.0718 3136 Gpc - ok
14:39:31.0765 3136 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:39:31.0765 3136 HDAudBus - ok
14:39:31.0843 3136 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:39:31.0843 3136 hidusb - ok
14:39:31.0875 3136 hpn - ok
14:39:31.0953 3136 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:39:31.0953 3136 HTTP - ok
14:39:31.0968 3136 i2omgmt - ok
14:39:31.0984 3136 i2omp - ok
14:39:32.0015 3136 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
14:39:32.0015 3136 i8042prt - ok
14:39:32.0062 3136 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:39:32.0062 3136 Imapi - ok
14:39:32.0125 3136 ini910u - ok
14:39:32.0156 3136 IntelIde - ok
14:39:32.0187 3136 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:39:32.0187 3136 intelppm - ok
14:39:32.0218 3136 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:39:32.0218 3136 Ip6Fw - ok
14:39:32.0281 3136 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:39:32.0281 3136 IpFilterDriver - ok
14:39:32.0312 3136 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:39:32.0312 3136 IpInIp - ok
14:39:32.0328 3136 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:39:32.0343 3136 IpNat - ok
14:39:32.0359 3136 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:39:32.0359 3136 IPSec - ok
14:39:32.0421 3136 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:39:32.0421 3136 IRENUM - ok
14:39:32.0500 3136 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:39:32.0500 3136 isapnp - ok
14:39:32.0609 3136 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:39:32.0609 3136 Kbdclass - ok
14:39:32.0656 3136 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:39:32.0671 3136 kbdhid - ok
14:39:32.0750 3136 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:39:32.0765 3136 kmixer - ok
14:39:32.0828 3136 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:39:32.0828 3136 KSecDD - ok
14:39:32.0843 3136 lbrtfdc - ok
14:39:32.0890 3136 LMIInfo - ok
14:39:32.0921 3136 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
14:39:32.0921 3136 lmimirr - ok
14:39:32.0937 3136 LMIRfsClientNP - ok
14:39:33.0015 3136 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
14:39:33.0015 3136 LMIRfsDriver - ok
14:39:33.0078 3136 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:39:33.0078 3136 mnmdd - ok
14:39:33.0156 3136 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:39:33.0156 3136 Modem - ok
14:39:33.0218 3136 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:39:33.0218 3136 Mouclass - ok
14:39:33.0281 3136 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:39:33.0281 3136 mouhid - ok
14:39:33.0296 3136 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:39:33.0296 3136 MountMgr - ok
14:39:33.0406 3136 MpKsl06b810b7 - ok
14:39:33.0406 3136 MpKsl1ac66141 - ok
14:39:33.0406 3136 MpKsl2bffa4f3 - ok
14:39:33.0421 3136 MpKsl3dd639ab - ok
14:39:33.0421 3136 MpKsl3ee6b27e - ok
14:39:33.0421 3136 MpKsl42c55817 - ok
14:39:33.0421 3136 MpKsl4f969476 - ok
14:39:33.0437 3136 MpKsl53b0eed7 - ok
14:39:33.0437 3136 MpKsl5ba1b3be - ok
14:39:33.0437 3136 MpKsl63898193 - ok
14:39:33.0437 3136 MpKsl76c2176a - ok
14:39:33.0437 3136 MpKsl8773eb8e - ok
14:39:33.0453 3136 MpKsl935305f2 - ok
14:39:33.0453 3136 MpKsl9597717e - ok
14:39:33.0453 3136 MpKslb4ee7440 - ok
14:39:33.0453 3136 MpKslbf532416 - ok
14:39:33.0468 3136 MpKsldb37e6d8 - ok
14:39:33.0468 3136 MpKsle513fdeb - ok
14:39:33.0468 3136 MpKsle6f6e2b0 - ok
14:39:33.0468 3136 MpKsleb177773 - ok
14:39:33.0484 3136 MpKslf433ae2d - ok
14:39:33.0484 3136 MpKslfde536e0 - ok
14:39:33.0546 3136 mraid35x - ok
14:39:33.0609 3136 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:39:33.0625 3136 MRxDAV - ok
14:39:33.0687 3136 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:39:33.0703 3136 MRxSmb - ok
14:39:33.0718 3136 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:39:33.0718 3136 Msfs - ok
14:39:33.0796 3136 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:39:33.0796 3136 MSKSSRV - ok
14:39:33.0812 3136 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:39:33.0812 3136 MSPCLOCK - ok
14:39:33.0828 3136 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:39:33.0828 3136 MSPQM - ok
14:39:33.0890 3136 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:39:33.0890 3136 mssmbios - ok
14:39:33.0921 3136 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
14:39:33.0921 3136 Mup - ok
14:39:33.0937 3136 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:39:33.0953 3136 NDIS - ok
14:39:33.0984 3136 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:39:33.0984 3136 NdisTapi - ok
14:39:34.0078 3136 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:39:34.0078 3136 Ndisuio - ok
14:39:34.0156 3136 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:39:34.0156 3136 NdisWan - ok
14:39:34.0187 3136 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:39:34.0203 3136 NDProxy - ok
14:39:34.0234 3136 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:39:34.0234 3136 NetBIOS - ok
14:39:34.0296 3136 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:39:34.0312 3136 NetBT - ok
14:39:34.0437 3136 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:39:34.0437 3136 NIC1394 - ok
14:39:34.0484 3136 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:39:34.0484 3136 Npfs - ok
14:39:34.0546 3136 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:39:34.0562 3136 Ntfs - ok
14:39:34.0593 3136 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:39:34.0593 3136 Null - ok
14:39:34.0953 3136 nv (f1de35c89d98a883d1b4030dc9896855) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:39:35.0250 3136 nv - ok
14:39:35.0375 3136 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:39:35.0375 3136 NwlnkFlt - ok
14:39:35.0406 3136 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:39:35.0406 3136 NwlnkFwd - ok
14:39:35.0484 3136 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:39:35.0484 3136 ohci1394 - ok
14:39:35.0593 3136 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
14:39:35.0593 3136 Parport - ok
14:39:35.0625 3136 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:39:35.0625 3136 PartMgr - ok
14:39:35.0640 3136 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:39:35.0640 3136 ParVdm - ok
14:39:35.0718 3136 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:39:35.0718 3136 PCI - ok
14:39:35.0765 3136 PCIDump - ok
14:39:35.0796 3136 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:39:35.0796 3136 PCIIde - ok
14:39:35.0875 3136 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:39:35.0875 3136 Pcmcia - ok
14:39:35.0890 3136 PDCOMP - ok
14:39:35.0906 3136 PDFRAME - ok
14:39:35.0921 3136 PDRELI - ok
14:39:35.0937 3136 PDRFRAME - ok
14:39:35.0953 3136 perc2 - ok
14:39:35.0968 3136 perc2hib - ok
14:39:36.0062 3136 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:39:36.0062 3136 PptpMiniport - ok
14:39:36.0078 3136 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:39:36.0078 3136 PSched - ok
14:39:36.0093 3136 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:39:36.0093 3136 Ptilink - ok
14:39:36.0140 3136 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:39:36.0140 3136 PxHelp20 - ok
14:39:36.0171 3136 ql1080 - ok
14:39:36.0187 3136 Ql10wnt - ok
14:39:36.0203 3136 ql12160 - ok
14:39:36.0218 3136 ql1240 - ok
14:39:36.0234 3136 ql1280 - ok
14:39:36.0250 3136 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:39:36.0250 3136 RasAcd - ok
14:39:36.0328 3136 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:39:36.0328 3136 Rasl2tp - ok
14:39:36.0343 3136 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:39:36.0343 3136 RasPppoe - ok
14:39:36.0359 3136 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:39:36.0359 3136 Raspti - ok
14:39:36.0390 3136 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:39:36.0406 3136 Rdbss - ok
14:39:36.0421 3136 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:39:36.0421 3136 RDPCDD - ok
14:39:36.0453 3136 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:39:36.0468 3136 rdpdr - ok
14:39:36.0531 3136 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
14:39:36.0531 3136 RDPWD - ok
14:39:36.0562 3136 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:39:36.0562 3136 redbook - ok
14:39:36.0640 3136 rt2870 (c2a6f7f35e617744a65dbfb0c0a64adc) C:\WINDOWS\system32\DRIVERS\rt2870.sys
14:39:36.0656 3136 rt2870 - ok
14:39:36.0734 3136 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:39:36.0734 3136 Secdrv - ok
14:39:36.0765 3136 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:39:36.0781 3136 serenum - ok
14:39:36.0828 3136 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:39:36.0828 3136 Serial - ok
14:39:36.0843 3136 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:39:36.0843 3136 Sfloppy - ok
14:39:36.0859 3136 Simbad - ok
14:39:36.0875 3136 Sparrow - ok
14:39:36.0937 3136 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:39:36.0937 3136 splitter - ok
14:39:37.0000 3136 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:39:37.0000 3136 sr - ok
14:39:37.0046 3136 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:39:37.0078 3136 Srv - ok
14:39:37.0187 3136 STHDA (0ffda1cb46a4be1fcdd8de6e3ced5b50) C:\WINDOWS\system32\drivers\sthda.sys
14:39:37.0203 3136 STHDA - ok
14:39:37.0234 3136 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:39:37.0234 3136 swenum - ok
14:39:37.0296 3136 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:39:37.0296 3136 swmidi - ok
14:39:37.0312 3136 symc810 - ok
14:39:37.0328 3136 symc8xx - ok
14:39:37.0343 3136 sym_hi - ok
14:39:37.0359 3136 sym_u3 - ok
14:39:37.0390 3136 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:39:37.0390 3136 sysaudio - ok
14:39:37.0453 3136 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:39:37.0500 3136 Tcpip - ok
14:39:37.0562 3136 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:39:37.0562 3136 TDPIPE - ok
14:39:37.0593 3136 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:39:37.0593 3136 TDTCP - ok
14:39:37.0656 3136 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:39:37.0671 3136 TermDD - ok
14:39:37.0703 3136 TosIde - ok
14:39:37.0796 3136 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:39:37.0812 3136 Udfs - ok
14:39:37.0828 3136 ultra - ok
14:39:37.0859 3136 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:39:37.0875 3136 Update - ok
14:39:37.0953 3136 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
14:39:37.0953 3136 usbaudio - ok
14:39:38.0031 3136 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:39:38.0031 3136 usbccgp - ok
14:39:38.0062 3136 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:39:38.0062 3136 usbehci - ok
14:39:38.0109 3136 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:39:38.0109 3136 usbhub - ok
14:39:38.0156 3136 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:39:38.0156 3136 usbprint - ok
14:39:38.0171 3136 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:39:38.0171 3136 usbscan - ok
14:39:38.0234 3136 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:39:38.0234 3136 USBSTOR - ok
14:39:38.0250 3136 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:39:38.0265 3136 usbuhci - ok
14:39:38.0296 3136 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:39:38.0296 3136 VgaSave - ok
14:39:38.0328 3136 ViaIde - ok
14:39:38.0359 3136 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:39:38.0359 3136 VolSnap - ok
14:39:38.0375 3136 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:39:38.0375 3136 Wanarp - ok
14:39:38.0421 3136 WDICA - ok
14:39:38.0515 3136 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:39:38.0515 3136 wdmaud - ok
14:39:38.0546 3136 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:39:38.0687 3136 \Device\Harddisk0\DR0 - ok
14:39:38.0734 3136 MBR (0x1B8) (4c174fe99672b3a91fda305d2eb1efed) \Device\Harddisk1\DR2
14:39:38.0921 3136 \Device\Harddisk1\DR2 - ok
14:39:38.0937 3136 Boot (0x1200) (0b302d5c86158cd12a52024f8d5b7df2) \Device\Harddisk0\DR0\Partition0
14:39:38.0937 3136 \Device\Harddisk0\DR0\Partition0 - ok
14:39:38.0937 3136 Boot (0x1200) (e40b1ee070e0531d51740b88a6feb5ab) \Device\Harddisk1\DR2\Partition0
14:39:38.0953 3136 \Device\Harddisk1\DR2\Partition0 - ok
14:39:38.0953 3136 ============================================================
14:39:38.0953 3136 Scan finished
14:39:38.0953 3136 ============================================================
14:39:38.0953 3128 Detected object count: 0
14:39:38.0953 3128 Actual detected object count: 0
14:45:16.0906 2128 ============================================================
14:45:16.0906 2128 Scan started
14:45:16.0906 2128 Mode: Manual; SigCheck; TDLFS;
14:45:16.0906 2128 ============================================================
14:45:17.0281 2128 Abiosdsk - ok
14:45:17.0312 2128 abp480n5 - ok
14:45:17.0375 2128 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:45:18.0140 2128 ACPI - ok
14:45:18.0265 2128 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:45:18.0390 2128 ACPIEC - ok
14:45:18.0453 2128 adpu160m - ok
14:45:18.0515 2128 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:45:18.0640 2128 aec - ok
14:45:18.0703 2128 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
14:45:18.0718 2128 AegisP ( UnsignedFile.Multi.Generic ) - warning
14:45:18.0718 2128 AegisP - detected UnsignedFile.Multi.Generic (1)
14:45:18.0812 2128 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
14:45:18.0921 2128 AFD - ok
14:45:18.0953 2128 Aha154x - ok
14:45:18.0968 2128 aic78u2 - ok
14:45:18.0984 2128 aic78xx - ok
14:45:19.0000 2128 AliIde - ok
14:45:19.0031 2128 amsint - ok
14:45:19.0093 2128 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:45:19.0203 2128 Arp1394 - ok
14:45:19.0250 2128 asc - ok
14:45:19.0265 2128 asc3350p - ok
14:45:19.0281 2128 asc3550 - ok
14:45:19.0296 2128 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:45:19.0421 2128 AsyncMac - ok
14:45:19.0500 2128 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:45:19.0609 2128 atapi - ok
14:45:19.0671 2128 Atdisk - ok
14:45:19.0734 2128 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:45:19.0828 2128 Atmarpc - ok
14:45:19.0875 2128 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:45:19.0968 2128 audstub - ok
14:45:20.0015 2128 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:45:20.0125 2128 Beep - ok
14:45:20.0140 2128 catchme - ok
14:45:20.0218 2128 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:45:20.0328 2128 cbidf2k - ok
14:45:20.0359 2128 cd20xrnt - ok
14:45:20.0375 2128 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:45:20.0468 2128 Cdaudio - ok
14:45:20.0546 2128 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:45:20.0671 2128 Cdfs - ok
14:45:20.0765 2128 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:45:20.0875 2128 Cdrom - ok
14:45:20.0906 2128 cerc6 - ok
14:45:20.0921 2128 Changer - ok
14:45:20.0953 2128 CmdIde - ok
14:45:20.0968 2128 Cpqarray - ok
14:45:20.0984 2128 dac2w2k - ok
14:45:21.0000 2128 dac960nt - ok
14:45:21.0031 2128 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:45:21.0140 2128 Disk - ok
14:45:21.0265 2128 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:45:21.0406 2128 dmboot - ok
14:45:21.0531 2128 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:45:21.0640 2128 dmio - ok
14:45:21.0687 2128 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:45:21.0796 2128 dmload - ok
14:45:21.0890 2128 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:45:22.0000 2128 DMusic - ok
14:45:22.0031 2128 dpti2o - ok
14:45:22.0109 2128 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:45:22.0203 2128 drmkaud - ok
14:45:22.0234 2128 e1yexpress (5854c5f63de7a432333b556aaf25ac30) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
14:45:22.0281 2128 e1yexpress - ok
14:45:22.0406 2128 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:45:22.0531 2128 Fastfat - ok
14:45:22.0562 2128 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:45:22.0671 2128 Fdc - ok
14:45:22.0781 2128 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:45:22.0890 2128 Fips - ok
14:45:22.0937 2128 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:45:23.0015 2128 Flpydisk - ok
14:45:23.0125 2128 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:45:23.0234 2128 FltMgr - ok
14:45:23.0281 2128 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:45:23.0421 2128 Fs_Rec - ok
14:45:23.0468 2128 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:45:23.0578 2128 Ftdisk - ok
14:45:23.0703 2128 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:45:23.0828 2128 Gpc - ok
14:45:23.0921 2128 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:45:24.0015 2128 HDAudBus - ok
14:45:24.0062 2128 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:45:24.0140 2128 hidusb - ok
14:45:24.0203 2128 hpn - ok
14:45:24.0265 2128 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:45:24.0359 2128 HTTP - ok
14:45:24.0390 2128 i2omgmt - ok
14:45:24.0453 2128 i2omp - ok
14:45:24.0468 2128 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
14:45:24.0578 2128 i8042prt - ok
14:45:24.0671 2128 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:45:24.0750 2128 Imapi - ok
14:45:24.0796 2128 ini910u - ok
14:45:24.0812 2128 IntelIde - ok
14:45:24.0828 2128 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:45:24.0937 2128 intelppm - ok
14:45:25.0031 2128 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:45:25.0156 2128 Ip6Fw - ok
14:45:25.0250 2128 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:45:25.0359 2128 IpFilterDriver - ok
14:45:25.0453 2128 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:45:25.0546 2128 IpInIp - ok
14:45:25.0625 2128 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:45:25.0734 2128 IpNat - ok
14:45:25.0812 2128 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:45:25.0906 2128 IPSec - ok
14:45:26.0015 2128 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:45:26.0078 2128 IRENUM - ok
14:45:26.0156 2128 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:45:26.0265 2128 isapnp - ok
14:45:26.0375 2128 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:45:26.0484 2128 Kbdclass - ok
14:45:26.0562 2128 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:45:26.0656 2128 kbdhid - ok
14:45:26.0765 2128 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:45:26.0875 2128 kmixer - ok
14:45:26.0953 2128 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:45:27.0046 2128 KSecDD - ok
14:45:27.0109 2128 lbrtfdc - ok
14:45:27.0203 2128 LMIInfo - ok
14:45:27.0265 2128 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
14:45:27.0265 2128 lmimirr - ok
14:45:27.0312 2128 LMIRfsClientNP - ok
14:45:27.0328 2128 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
14:45:27.0343 2128 LMIRfsDriver - ok
14:45:27.0406 2128 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:45:27.0515 2128 mnmdd - ok
14:45:27.0609 2128 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:45:27.0718 2128 Modem - ok
14:45:27.0796 2128 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:45:27.0906 2128 Mouclass - ok
14:45:28.0000 2128 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:45:28.0109 2128 mouhid - ok
14:45:28.0203 2128 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:45:28.0312 2128 MountMgr - ok
14:45:28.0406 2128 MpKsl06b810b7 - ok
14:45:28.0421 2128 MpKsl1ac66141 - ok
14:45:28.0421 2128 MpKsl2bffa4f3 - ok
14:45:28.0421 2128 MpKsl3dd639ab - ok
14:45:28.0421 2128 MpKsl3ee6b27e - ok
14:45:28.0437 2128 MpKsl42c55817 - ok
14:45:28.0437 2128 MpKsl4f969476 - ok
14:45:28.0437 2128 MpKsl53b0eed7 - ok
14:45:28.0437 2128 MpKsl5ba1b3be - ok
14:45:28.0437 2128 MpKsl63898193 - ok
14:45:28.0453 2128 MpKsl76c2176a - ok
14:45:28.0453 2128 MpKsl8773eb8e - ok
14:45:28.0453 2128 MpKsl935305f2 - ok
14:45:28.0453 2128 MpKsl9597717e - ok
14:45:28.0468 2128 MpKslb4ee7440 - ok
14:45:28.0468 2128 MpKslbf532416 - ok
14:45:28.0468 2128 MpKsldb37e6d8 - ok
14:45:28.0468 2128 MpKsle513fdeb - ok
14:45:28.0468 2128 MpKsle6f6e2b0 - ok
14:45:28.0484 2128 MpKsleb177773 - ok
14:45:28.0484 2128 MpKslf433ae2d - ok
14:45:28.0484 2128 MpKslfde536e0 - ok
14:45:28.0578 2128 mraid35x - ok
14:45:28.0625 2128 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:45:28.0718 2128 MRxDAV - ok
14:45:28.0812 2128 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:45:28.0875 2128 MRxSmb - ok
14:45:28.0984 2128 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:45:29.0093 2128 Msfs - ok
14:45:29.0171 2128 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:45:29.0296 2128 MSKSSRV - ok
14:45:29.0328 2128 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:45:29.0421 2128 MSPCLOCK - ok
14:45:29.0546 2128 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:45:29.0640 2128 MSPQM - ok
14:45:29.0734 2128 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:45:29.0843 2128 mssmbios - ok
14:45:29.0937 2128 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
14:45:30.0031 2128 Mup - ok
14:45:30.0046 2128 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:45:30.0156 2128 NDIS - ok
14:45:30.0234 2128 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:45:30.0312 2128 NdisTapi - ok
14:45:30.0359 2128 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:45:30.0468 2128 Ndisuio - ok
14:45:30.0500 2128 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:45:30.0609 2128 NdisWan - ok
14:45:30.0703 2128 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:45:30.0750 2128 NDProxy - ok
14:45:30.0843 2128 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:45:30.0953 2128 NetBIOS - ok
14:45:31.0046 2128 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:45:31.0140 2128 NetBT - ok
14:45:31.0218 2128 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:45:31.0328 2128 NIC1394 - ok
14:45:31.0437 2128 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:45:31.0546 2128 Npfs - ok
14:45:31.0640 2128 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:45:31.0734 2128 Ntfs - ok
14:45:31.0781 2128 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:45:31.0890 2128 Null - ok
14:45:32.0281 2128 nv (f1de35c89d98a883d1b4030dc9896855) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:45:32.0640 2128 nv ( UnsignedFile.Multi.Generic ) - warning
14:45:32.0640 2128 nv - detected UnsignedFile.Multi.Generic (1)
14:45:32.0750 2128 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:45:32.0828 2128 NwlnkFlt - ok
14:45:32.0843 2128 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:45:32.0953 2128 NwlnkFwd - ok
14:45:33.0062 2128 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:45:33.0140 2128 ohci1394 - ok
14:45:33.0218 2128 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
14:45:33.0328 2128 Parport - ok
14:45:33.0375 2128 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:45:33.0468 2128 PartMgr - ok
14:45:33.0515 2128 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:45:33.0625 2128 ParVdm - ok
14:45:33.0703 2128 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:45:33.0812 2128 PCI - ok
14:45:33.0875 2128 PCIDump - ok
14:45:33.0890 2128 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:45:33.0984 2128 PCIIde - ok
14:45:34.0046 2128 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:45:34.0171 2128 Pcmcia - ok
14:45:34.0203 2128 PDCOMP - ok
14:45:34.0218 2128 PDFRAME - ok
14:45:34.0250 2128 PDRELI - ok
14:45:34.0265 2128 PDRFRAME - ok
14:45:34.0281 2128 perc2 - ok
14:45:34.0296 2128 perc2hib - ok
14:45:34.0375 2128 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:45:34.0453 2128 PptpMiniport - ok
14:45:34.0500 2128 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:45:34.0578 2128 PSched - ok
14:45:34.0593 2128 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:45:34.0703 2128 Ptilink - ok
14:45:34.0812 2128 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:45:34.0812 2128 PxHelp20 - ok
14:45:34.0828 2128 ql1080 - ok
14:45:34.0843 2128 Ql10wnt - ok
14:45:34.0859 2128 ql12160 - ok
14:45:34.0875 2128 ql1240 - ok
14:45:34.0906 2128 ql1280 - ok
14:45:34.0921 2128 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:45:35.0031 2128 RasAcd - ok
14:45:35.0125 2128 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:45:35.0218 2128 Rasl2tp - ok
14:45:35.0281 2128 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:45:35.0375 2128 RasPppoe - ok
14:45:35.0468 2128 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:45:35.0578 2128 Raspti - ok
14:45:35.0687 2128 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:45:35.0796 2128 Rdbss - ok
14:45:35.0859 2128 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:45:35.0968 2128 RDPCDD - ok
14:45:36.0062 2128 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:45:36.0171 2128 rdpdr - ok
14:45:36.0281 2128 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
14:45:36.0390 2128 RDPWD - ok
14:45:36.0515 2128 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:45:36.0625 2128 redbook - ok
14:45:36.0718 2128 rt2870 (c2a6f7f35e617744a65dbfb0c0a64adc) C:\WINDOWS\system32\DRIVERS\rt2870.sys
14:45:36.0828 2128 rt2870 - ok
14:45:36.0921 2128 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:45:36.0984 2128 Secdrv - ok
14:45:37.0046 2128 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:45:37.0140 2128 serenum - ok
14:45:37.0187 2128 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:45:37.0296 2128 Serial - ok
14:45:37.0375 2128 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:45:37.0468 2128 Sfloppy - ok
14:45:37.0500 2128 Simbad - ok
14:45:37.0515 2128 Sparrow - ok
14:45:37.0578 2128 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:45:37.0703 2128 splitter - ok
14:45:37.0796 2128 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:45:37.0859 2128 sr - ok
14:45:37.0953 2128 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:45:38.0015 2128 Srv - ok
14:45:38.0156 2128 STHDA (0ffda1cb46a4be1fcdd8de6e3ced5b50) C:\WINDOWS\system32\drivers\sthda.sys
14:45:38.0265 2128 STHDA - ok
14:45:38.0328 2128 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:45:38.0421 2128 swenum - ok
14:45:38.0500 2128 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:45:38.0609 2128 swmidi - ok
14:45:38.0656 2128 symc810 - ok
14:45:38.0671 2128 symc8xx - ok
14:45:38.0687 2128 sym_hi - ok
14:45:38.0703 2128 sym_u3 - ok
14:45:38.0781 2128 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:45:38.0890 2128 sysaudio - ok
14:45:38.0984 2128 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:45:39.0046 2128 Tcpip - ok
14:45:39.0140 2128 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:45:39.0218 2128 TDPIPE - ok
14:45:39.0234 2128 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:45:39.0328 2128 TDTCP - ok
14:45:39.0437 2128 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:45:39.0609 2128 TermDD - ok
14:45:39.0640 2128 TosIde - ok
14:45:39.0703 2128 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:45:39.0828 2128 Udfs - ok
14:45:39.0875 2128 ultra - ok
14:45:39.0906 2128 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:45:40.0000 2128 Update - ok
14:45:40.0093 2128 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
14:45:40.0171 2128 usbaudio - ok
14:45:40.0250 2128 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:45:40.0359 2128 usbccgp - ok
14:45:40.0453 2128 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:45:40.0546 2128 usbehci - ok
14:45:40.0593 2128 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:45:40.0671 2128 usbhub - ok
14:45:40.0750 2128 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:45:40.0859 2128 usbprint - ok
14:45:40.0921 2128 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:45:41.0031 2128 usbscan - ok
14:45:41.0109 2128 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:45:41.0218 2128 USBSTOR - ok
14:45:41.0296 2128 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:45:41.0375 2128 usbuhci - ok
14:45:41.0468 2128 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:45:41.0578 2128 VgaSave - ok
14:45:41.0625 2128 ViaIde - ok
14:45:41.0656 2128 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:45:41.0750 2128 VolSnap - ok
14:45:41.0843 2128 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:45:41.0953 2128 Wanarp - ok
14:45:42.0000 2128 WDICA - ok
14:45:42.0062 2128 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:45:42.0171 2128 wdmaud - ok
14:45:42.0218 2128 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:45:42.0406 2128 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:45:42.0406 2128 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:45:42.0453 2128 MBR (0x1B8) (4c174fe99672b3a91fda305d2eb1efed) \Device\Harddisk1\DR2
14:45:43.0734 2128 \Device\Harddisk1\DR2 - ok
14:45:43.0750 2128 Boot (0x1200) (0b302d5c86158cd12a52024f8d5b7df2) \Device\Harddisk0\DR0\Partition0
14:45:43.0750 2128 \Device\Harddisk0\DR0\Partition0 - ok
14:45:43.0765 2128 Boot (0x1200) (e40b1ee070e0531d51740b88a6feb5ab) \Device\Harddisk1\DR2\Partition0
14:45:43.0765 2128 \Device\Harddisk1\DR2\Partition0 - ok
14:45:43.0765 2128 ============================================================
14:45:43.0765 2128 Scan finished
14:45:43.0765 2128 ============================================================
14:45:43.0875 2124 Detected object count: 3
14:45:43.0875 2124 Actual detected object count: 3
14:47:23.0750 2124 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:23.0750 2124 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:23.0750 2124 nv ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:23.0750 2124 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:23.0750 2124 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:47:23.0750 2124 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

aswMBR -- "Fix" was not an available option to select. Was grayed out.

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-26 14:48:25
-----------------------------
14:48:25.421 OS Version: Windows 5.1.2600 Service Pack 3
14:48:25.421 Number of processors: 2 586 0xF02
14:48:25.421 ComputerName: GABE-PC UserName:
14:48:25.812 Initialize success
14:49:13.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:49:13.765 Disk 0 Vendor: Maxtor_6V080E0 VA131610 Size: 76292MB BusType: 3
14:49:15.796 Disk 0 MBR read successfully
14:49:15.796 Disk 0 MBR scan
14:49:15.796 Disk 0 Windows XP default MBR code
14:49:15.796 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76277 MB offset 63
14:49:15.796 Disk 0 scanning sectors +156216060
14:49:15.859 Disk 0 scanning C:\WINDOWS\system32\drivers
14:49:21.109 Service scanning
14:49:22.109 Modules scanning
14:49:25.656 Scan finished successfully
14:50:05.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Logs\Logs2\MBR.dat"
14:50:05.578 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Logs\Logs2\aswMBR_nofix_log122611.txt"


Malwarebytes

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7622

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/26/2011 2:53:10 PM
mbam-log-2011-12-26 (14-53-10).txt

Scan type: Quick scan
Objects scanned: 162902
Time elapsed: 1 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

-----end reports-------

Whew! lots of reports.

Thanks!
  • 0

#10
RUSTslash
Posted 26 December 2011 - 03:03 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
P.S. You were right about your suspicion. Combofix did find a rootkit malware in the PC.
  • 0

Advertisements

#11
RKinner
Posted 26 December 2011 - 03:22 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
So can you now get on line?
  • 0

#12
RUSTslash
Posted 26 December 2011 - 05:14 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Still can't :blink:

Let me know if you need me to run the first instructions you gave me or if you need me to attempt to merge netbt. I didn't see that in your instructions and I didn't just to be safe.
  • 0

#13
RUSTslash
Posted 26 December 2011 - 05:25 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Let me add also that I tried to manually set up the IP address, Subnet mask, and DNS (could not figure out the gateway info). Doing so allows me to connect and I'm seeing that I'm sending but I'm not receiving.

I did that just to test, but I've defaulted everything back and after running ipconfig, I'm actually seeing more info, just 0.0.0.0 in IP Address and Subnet mask. Everything else is blank.

Edited by RUSTslash, 26 December 2011 - 05:30 PM.

  • 0

#14
RKinner
Posted 26 December 2011 - 05:36 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Try the
net  start  dhcp

command again Does it say it it is already started?

The gateway is the address of your router. Normally it would be something like 192.168.0.1 or 192.168.1.1 tho sometimes I see .254 as the last number on older routers.
  • 0

#15
RUSTslash
Posted 26 December 2011 - 07:15 PM

RUSTslash

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Unfortunately, I'm getting this message:

System error 1068 has occurred.

The dependency service or group failed to start.


At least it's a different message from the beginning of my issue. I'm crossing my fingers that this is a good thing.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP