
Malware still popping up after several scans


GrandFX


Hey there, recently I got the Win7 AV 2012 infection and I was able to remove it, or at least I thought I did, using Malwarebytes. After the incident I've been paranoid about even using the computer because every few hours, MSE and MBam block an attack locally on my computer, and I have been doing numerous scans a day religiously since two days ago. I want to end it once and for all and not be paranoid.

Here is my DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by GrandFX at 20:01:55 on 2011-12-11

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6077.4231 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe

C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\P4G\BatteryLife.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit=userinit.exe,

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

uRun: [AdobeBridge]

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5A449792-9434-4B68-B062-99433796F341} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5A449792-9434-4B68-B062-99433796F341}\14355535 : DhcpNameServer = 192.168.1.1 68.87.76.182 68.87.78.134

TCP: Interfaces\{5A449792-9434-4B68-B062-99433796F341}\2375942554935323 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5A449792-9434-4B68-B062-99433796F341}\34F637D6564565 : DhcpNameServer = 192.168.2.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\GrandFX\AppData\Roaming\Mozilla\Firefox\Profiles\2t0j29ev.default\

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2011-7-31 14904]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-7 366152]

R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-4-1 67400]

R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]

R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-31 2314240]

R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-6 136176]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-7-31 79360]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-29 1431888]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-6 136176]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

S3 Spyder3;Datacolor Spyder3;C:\Windows\system32\DRIVERS\Spyder3.sys --> C:\Windows\system32\DRIVERS\Spyder3.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2011-12-12 03:48:18 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-12-12 03:47:45 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CA5A4FA-6328-4E5A-A4F1-2B1F89161AAB}\offreg.dll

2011-12-11 18:07:34 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CA5A4FA-6328-4E5A-A4F1-2B1F89161AAB}\mpengine.dll

2011-12-08 07:22:20 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\Malwarebytes

2011-12-08 07:22:11 -------- d-----w- C:\ProgramData\Malwarebytes

2011-12-08 07:22:07 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-12-08 07:22:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-12-07 22:09:59 -------- d-----w- C:\Program Files (x86)\PC Tools

2011-12-07 22:04:26 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys

2011-12-07 22:04:19 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2011-12-07 22:02:59 -------- d-----w- C:\ProgramData\PC Tools

2011-12-07 22:02:55 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\TestApp

2011-12-07 01:03:05 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\Sublime Text 2

2011-12-07 01:02:55 -------- d-----w- C:\Program Files\Sublime Text 2

2011-12-04 05:42:45 1491592 -c----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MsMpEng.exe_476e4371b3af1d47eb5bf87ed96a7b8af63db7d_cab_1eef9351\amtservices.dll

2011-12-01 10:36:42 -------- d-----w- C:\MAGICDVDCOPY_TEMP

2011-12-01 09:02:20 -------- d-----w- C:\Program Files (x86)\MagicDVDCopier

2011-11-30 20:11:18 -------- d-----w- C:\Users\GrandFX\AppData\Local\Ubisoft Game Launcher

2011-11-30 19:20:22 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2011-11-30 19:20:21 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2011-11-30 19:20:17 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\PunkBuster

2011-11-30 01:03:32 -------- d-----w- C:\ProgramData\boost_interprocess

2011-11-30 00:41:48 -------- d-----w- C:\Program Files (x86)\Autodesk

2011-11-30 00:37:50 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2011-11-30 00:36:58 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared

2011-11-30 00:31:18 -------- d-----w- C:\Program Files\Autodesk

2011-11-30 00:26:59 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll

2011-11-30 00:25:59 4496232 ----a-w- C:\Windows\System32\d3dx9_34.dll

2011-11-30 00:04:17 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\Autodesk

2011-11-29 18:37:03 -------- d-----w- C:\Users\GrandFX\AppData\Local\APN

2011-11-29 17:39:31 296448 ----a-w- C:\Windows\SysWow64\mfds.dll.bak

2011-11-29 17:39:00 381440 ----a-w- C:\Windows\System32\mfds.dll.bak

2011-11-29 17:36:14 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\Shark007

2011-11-29 17:36:14 -------- d-----w- C:\ProgramData\Shark007

2011-11-29 17:34:31 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\Win7codecs

2011-11-29 17:34:21 -------- d-----w- C:\Program Files (x86)\Win7codecs

2011-11-29 17:32:53 -------- d-----w- C:\ProgramData\Win7codecs

2011-11-27 20:21:28 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2011-11-27 20:20:44 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2011-11-27 20:20:44 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2011-11-18 20:26:10 735744 ----a-w- C:\Windows\SysWow64\lameACM.acm

2011-11-17 19:49:19 -------- d-----w- C:\Users\GrandFX\Sonoma

2011-11-15 18:44:03 -------- d-----w- C:\Users\GrandFX\AppData\Roaming\HDRsoft

2011-11-15 18:44:03 -------- d-----w- C:\Program Files\PhotomatixPro4

.

==================== Find3M ====================

.

2011-12-10 23:39:46 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-23 14:56:20 4574208 ----a-w- C:\Windows\System32\x264vfw.dll

2011-10-23 14:56:16 4738560 ----a-w- C:\Windows\SysWow64\x264vfw.dll

2011-10-21 06:31:57 73728 ----a-w- C:\Windows\SysWow64\RBRegEx350.dll

2011-10-21 06:31:57 67072 ----a-w- C:\Windows\SysWow64\LP0310.dll

2011-10-21 06:31:57 61952 ----a-w- C:\Windows\SysWow64\rbap350.dll

2011-10-21 06:31:57 41472 ----a-w- C:\Windows\SysWow64\MBSPlugin.DLL

2011-10-21 06:31:57 40960 ----a-w- C:\Windows\SysWow64\RBShell400.dll

2011-10-21 06:31:57 37888 ----a-w- C:\Windows\SysWow64\MBSRegistryPlugin.DLL

2011-10-21 06:31:57 35328 ----a-w- C:\Windows\SysWow64\MBSFolderPlugin.DLL

2011-10-21 06:31:57 31744 ----a-w- C:\Windows\SysWow64\MBSMacTTPlugin.DLL

2011-10-21 06:31:57 29184 ----a-w- C:\Windows\SysWow64\LP0301Gestalt.dll

2011-10-21 06:31:57 28160 ----a-w- C:\Windows\SysWow64\MBSRegPlugin.DLL

2011-10-21 06:31:57 28160 ----a-w- C:\Windows\SysWow64\LP0301ResFork.dll

2011-10-21 06:31:57 27648 ----a-w- C:\Windows\SysWow64\LP0301LinkFile.dll

2011-10-12 16:25:44 86016 ----a-w- C:\Windows\System32\ff_vfw.dll

2011-10-12 16:23:22 53760 ----a-w- C:\Windows\System32\ff_acm.acm

2011-10-11 05:30:44 1574400 ----a-w- C:\Windows\System32\VSFilter.dll

2011-10-05 15:46:42 1287168 ----a-w- C:\Windows\SysWow64\VSFilter.dll

2011-10-03 17:10:06 344064 ----a-w- C:\Windows\SysWow64\AACACM.acm

2011-10-03 17:10:04 360960 ----a-w- C:\Windows\System32\aacacm.acm

2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-09-26 00:56:26 216064 ----a-w- C:\Windows\SysWow64\lagarith.dll

2011-09-26 00:55:46 147968 ----a-w- C:\Windows\System32\lagarith.dll

.

============= FINISH: 20:03:10.67 ===============

Here is the "Attach" log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/31/2011 12:15:19 PM

System Uptime: 12/11/2011 7:47:27 PM (1 hours ago)

.

Motherboard: PEGATRON CORPORATION | | G60JX

Processor: Intel® Core i7 CPU Q 720 @ 1.60GHz | Socket 989 | 928/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 95.148 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP108: 12/8/2011 11:03:01 AM - Windows Update

.

==== Installed Programs ======================

.

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Community Help

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Media Player

Adobe Story

Adobe Widget Browser

Apple Application Support

Apple Software Update

Atheros Client Installation Program

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

ATK Generic Function Service

ATK Hotkey

ATK Media

ATKOSD2

Autodesk Backburner 2012.1.0

Canon Utilities EOS Utility

Canon Utilities WFT Utility

D3DX10

DiRT 2

DiRT 3

Google Chrome

Google Update Helper

Grand Theft Auto: Episodes from Liberty City

HD Tune 2.55

IIS 7.5 Express

Intel® Management Engine Components

Java Auto Updater

Java 6 Update 26

Magic DVD Copier Version 5.0.2

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft ASP.NET Web Pages

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server Compact 4.0 Web Tools ENU

Microsoft SQL Server System CLR Types

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WebMatrix

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MySQL Connector Net 6.3.7

NVIDIA 3D Vision Controller Driver

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OpenAL

PunkBuster Services

PxMergeModule

QuickTime

Rapture3D 2.4.8 Game

RealNetworks - Microsoft Visual C++ 2008 Runtime

Realtek High Definition Audio Driver

RealUpgrade 1.1

RICOH R5U230 Media Driver ver.2.05.02.02

SDFormatter

SDK

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Spotify

Spybot - Search & Destroy

Steam

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

VLC media player 1.1.11

Win7codecs

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

.

==== Event Viewer Messages From Past Week ========

.

12/9/2011 8:02:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/9/2011 12:58:38 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/9/2011 11:38:23 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/9/2011 11:37:25 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.692.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee2 Error description: The operation timed out

12/8/2011 8:39:51 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/8/2011 2:10:06 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.545.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/8/2011 11:04:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/7/2011 9:47:41 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/7/2011 9:46:09 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/7/2011 9:28:14 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:51 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/7/2011 9:26:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/7/2011 9:26:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/7/2011 9:26:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/7/2011 9:26:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/7/2011 9:26:32 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/7/2011 9:26:14 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

12/7/2011 9:26:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/7/2011 9:26:13 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 8:57:13 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/7/2011 8:56:32 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6

12/7/2011 2:24:33 PM, Error: PCTCore [280] -

12/7/2011 11:19:50 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/6/2011 9:23:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR1.

12/5/2011 2:25:01 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.316.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/4/2011 9:56:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/4/2011 8:18:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/11/2011 7:48:07 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

12/11/2011 7:48:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/11/2011 7:47:54 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

12/11/2011 7:47:54 PM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

12/11/2011 7:47:51 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

12/11/2011 7:47:48 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

12/11/2011 5:20:24 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/11/2011 3:20:08 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12/11/2011 10:07:52 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/11/2011 1:53:15 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.810.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/10/2011 8:44:31 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.731.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/10/2011 7:02:35 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/10/2011 10:41:16 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/10/2011 10:01:24 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

12/10/2011 1:53:15 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.731.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

.

==== End Of File ===========================

Thanks in advance.


Thanks, here is the log.

Farbar Service Scanner

Ran by GrandFX (administrator) on 12-12-2011 at 12:49:35

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

********************************************************

Service Check:

==============

File Check:

===========

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

Connection Status:

==================

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

**** End of log ****


13:40:47.0471 0948 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

13:40:47.0916 0948 ============================================================

13:40:47.0916 0948 Current date / time: 2011/12/12 13:40:47.0916

13:40:47.0916 0948 SystemInfo:

13:40:47.0916 0948

13:40:47.0916 0948 OS Version: 6.1.7601 ServicePack: 1.0

13:40:47.0916 0948 Product type: Workstation

13:40:47.0917 0948 ComputerName: GRANDFX-PC

13:40:47.0917 0948 UserName: GrandFX

13:40:47.0917 0948 Windows directory: C:\Windows

13:40:47.0917 0948 System windows directory: C:\Windows

13:40:47.0917 0948 Running under WOW64

13:40:47.0917 0948 Processor architecture: Intel x64

13:40:47.0917 0948 Number of processors: 8

13:40:47.0917 0948 Page size: 0x1000

13:40:47.0917 0948 Boot type: Normal boot

13:40:47.0917 0948 ============================================================

13:40:48.0662 0948 Initialize success

13:41:25.0596 1168 ============================================================

13:41:25.0596 1168 Scan started

13:41:25.0596 1168 Mode: Manual; SigCheck; TDLFS;

13:41:25.0596 1168 ============================================================

13:41:26.0137 1168 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:41:26.0426 1168 1394ohci - ok

13:41:26.0494 1168 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:41:26.0549 1168 ACPI - ok

13:41:26.0600 1168 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:41:26.0714 1168 AcpiPmi - ok

13:41:26.0773 1168 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:41:26.0845 1168 adp94xx - ok

13:41:26.0884 1168 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:41:26.0945 1168 adpahci - ok

13:41:27.0005 1168 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:41:27.0060 1168 adpu320 - ok

13:41:27.0131 1168 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

13:41:27.0232 1168 AFD - ok

13:41:27.0302 1168 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:41:27.0346 1168 agp440 - ok

13:41:27.0372 1168 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:41:27.0412 1168 aliide - ok

13:41:27.0428 1168 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:41:27.0469 1168 amdide - ok

13:41:27.0490 1168 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:41:27.0592 1168 AmdK8 - ok

13:41:27.0608 1168 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:41:27.0697 1168 AmdPPM - ok

13:41:27.0748 1168 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

13:41:27.0793 1168 amdsata - ok

13:41:27.0827 1168 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:41:27.0877 1168 amdsbs - ok

13:41:27.0904 1168 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

13:41:27.0946 1168 amdxata - ok

13:41:27.0985 1168 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:41:28.0103 1168 AppID - ok

13:41:28.0150 1168 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:41:28.0197 1168 arc - ok

13:41:28.0284 1168 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:41:28.0331 1168 arcsas - ok

13:41:28.0402 1168 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys

13:41:28.0494 1168 ASMMAP64 - ok

13:41:28.0537 1168 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:41:28.0749 1168 AsyncMac - ok

13:41:28.0846 1168 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:41:28.0890 1168 atapi - ok

13:41:28.0982 1168 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys

13:41:29.0171 1168 athr - ok

13:41:29.0248 1168 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:41:29.0349 1168 b06bdrv - ok

13:41:29.0388 1168 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:41:29.0471 1168 b57nd60a - ok

13:41:29.0506 1168 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:41:29.0622 1168 Beep - ok

13:41:29.0670 1168 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:41:29.0738 1168 blbdrive - ok

13:41:29.0784 1168 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:41:29.0882 1168 bowser - ok

13:41:29.0904 1168 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:41:29.0990 1168 BrFiltLo - ok

13:41:30.0018 1168 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:41:30.0068 1168 BrFiltUp - ok

13:41:30.0096 1168 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:41:30.0205 1168 Brserid - ok

13:41:30.0252 1168 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:41:30.0324 1168 BrSerWdm - ok

13:41:30.0348 1168 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:41:30.0406 1168 BrUsbMdm - ok

13:41:30.0447 1168 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:41:30.0511 1168 BrUsbSer - ok

13:41:30.0571 1168 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

13:41:30.0664 1168 BthEnum - ok

13:41:30.0694 1168 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:41:30.0776 1168 BTHMODEM - ok

13:41:30.0820 1168 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

13:41:30.0924 1168 BthPan - ok

13:41:30.0976 1168 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

13:41:31.0063 1168 BTHPORT - ok

13:41:31.0086 1168 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

13:41:31.0154 1168 BTHUSB - ok

13:41:31.0202 1168 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys

13:41:31.0242 1168 btusbflt - ok

13:41:31.0302 1168 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys

13:41:31.0340 1168 btwaudio - ok

13:41:31.0360 1168 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys

13:41:31.0401 1168 btwavdt - ok

13:41:31.0430 1168 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

13:41:31.0465 1168 btwl2cap - ok

13:41:31.0479 1168 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys

13:41:31.0515 1168 btwrchid - ok

13:41:31.0557 1168 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:41:31.0661 1168 cdfs - ok

13:41:31.0722 1168 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

13:41:31.0785 1168 cdrom - ok

13:41:31.0820 1168 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:41:31.0876 1168 circlass - ok

13:41:31.0921 1168 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:41:31.0985 1168 CLFS - ok

13:41:32.0054 1168 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:41:32.0121 1168 CmBatt - ok

13:41:32.0168 1168 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:41:32.0210 1168 cmdide - ok

13:41:32.0270 1168 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys

13:41:32.0349 1168 CNG - ok

13:41:32.0377 1168 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:41:32.0422 1168 Compbatt - ok

13:41:32.0490 1168 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:41:32.0545 1168 CompositeBus - ok

13:41:32.0584 1168 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:41:32.0629 1168 crcdisk - ok

13:41:32.0698 1168 CSCrySec (ab1201f8de199e764da9a32abf71049c) C:\Windows\system32\DRIVERS\CSCrySec.sys

13:41:32.0739 1168 CSCrySec - ok

13:41:32.0797 1168 CSVirtualDiskDrv (a6eed705bb510fa6b0f9f097165a3395) C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys

13:41:32.0833 1168 CSVirtualDiskDrv - ok

13:41:32.0900 1168 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:41:33.0026 1168 DfsC - ok

13:41:33.0063 1168 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:41:33.0195 1168 discache - ok

13:41:33.0227 1168 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:41:33.0273 1168 Disk - ok

13:41:33.0338 1168 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:41:33.0405 1168 drmkaud - ok

13:41:33.0482 1168 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:41:33.0551 1168 DXGKrnl - ok

13:41:33.0645 1168 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:41:33.0842 1168 ebdrv - ok

13:41:33.0905 1168 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:41:33.0975 1168 elxstor - ok

13:41:34.0034 1168 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:41:34.0091 1168 ErrDev - ok

13:41:34.0147 1168 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:41:34.0257 1168 exfat - ok

13:41:34.0284 1168 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:41:34.0410 1168 fastfat - ok

13:41:34.0449 1168 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:41:34.0509 1168 fdc - ok

13:41:34.0540 1168 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:41:34.0586 1168 FileInfo - ok

13:41:34.0607 1168 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:41:34.0719 1168 Filetrace - ok

13:41:34.0766 1168 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:41:34.0817 1168 flpydisk - ok

13:41:34.0893 1168 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:41:34.0942 1168 FltMgr - ok

13:41:34.0996 1168 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:41:35.0042 1168 FsDepends - ok

13:41:35.0085 1168 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

13:41:35.0141 1168 Fs_Rec - ok

13:41:35.0216 1168 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:41:35.0271 1168 fvevol - ok

13:41:35.0312 1168 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

13:41:35.0356 1168 gagp30kx - ok

13:41:35.0439 1168 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:41:35.0532 1168 hcw85cir - ok

13:41:35.0602 1168 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

13:41:35.0685 1168 HdAudAddService - ok

13:41:35.0765 1168 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

13:41:35.0842 1168 HDAudBus - ok

13:41:35.0893 1168 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

13:41:35.0931 1168 HECIx64 - ok

13:41:35.0956 1168 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

13:41:36.0030 1168 HidBatt - ok

13:41:36.0070 1168 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

13:41:36.0149 1168 HidBth - ok

13:41:36.0181 1168 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

13:41:36.0254 1168 HidIr - ok

13:41:36.0297 1168 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

13:41:36.0361 1168 HidUsb - ok

13:41:36.0396 1168 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:41:36.0441 1168 HpSAMD - ok

13:41:36.0514 1168 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:41:36.0648 1168 HTTP - ok

13:41:36.0703 1168 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:41:36.0743 1168 hwpolicy - ok

13:41:36.0797 1168 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

13:41:36.0848 1168 i8042prt - ok

13:41:36.0934 1168 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys

13:41:36.0985 1168 iaStor - ok

13:41:37.0047 1168 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:41:37.0109 1168 iaStorV - ok

13:41:37.0145 1168 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

13:41:37.0190 1168 iirsp - ok

13:41:37.0317 1168 IntcAzAudAddService (028e40182a6f0374978c755f85b9f07c) C:\Windows\system32\drivers\RTKVHD64.sys

13:41:37.0444 1168 IntcAzAudAddService - ok

13:41:37.0478 1168 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:41:37.0519 1168 intelide - ok

13:41:37.0546 1168 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:41:37.0609 1168 intelppm - ok

13:41:37.0673 1168 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:41:37.0771 1168 IpFilterDriver - ok

13:41:37.0797 1168 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:41:37.0845 1168 IPMIDRV - ok

13:41:37.0872 1168 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:41:37.0995 1168 IPNAT - ok

13:41:38.0013 1168 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:41:38.0077 1168 IRENUM - ok

13:41:38.0090 1168 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:41:38.0132 1168 isapnp - ok

13:41:38.0165 1168 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:41:38.0215 1168 iScsiPrt - ok

13:41:38.0248 1168 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

13:41:38.0290 1168 kbdclass - ok

13:41:38.0351 1168 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

13:41:38.0423 1168 kbdhid - ok

13:41:38.0476 1168 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

13:41:38.0516 1168 kbfiltr - ok

13:41:38.0588 1168 kl1 (db449f50e5141458eb58e64ffac4863f) C:\Windows\system32\DRIVERS\kl1.sys

13:41:38.0629 1168 kl1 - ok

13:41:38.0661 1168 KLBG (87200a8afe40532baa4d2b24a7ba0eea) C:\Windows\system32\DRIVERS\klbg.sys

13:41:38.0701 1168 KLBG - ok

13:41:38.0824 1168 KLIF (34d49307217b20e5a845b7db50cdd4fa) C:\Windows\system32\DRIVERS\klif.sys

13:41:38.0869 1168 KLIF - ok

13:41:38.0925 1168 KLIM6 (630f22545379437737cf4172f09fe449) C:\Windows\system32\DRIVERS\klim6.sys

13:41:38.0962 1168 KLIM6 - ok

13:41:39.0045 1168 klmouflt (786791291939abb11f6d0f040da23912) C:\Windows\system32\DRIVERS\klmouflt.sys

13:41:39.0080 1168 klmouflt - ok

13:41:39.0154 1168 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys

13:41:39.0196 1168 KSecDD - ok

13:41:39.0257 1168 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys

13:41:39.0300 1168 KSecPkg - ok

13:41:39.0348 1168 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:41:39.0460 1168 ksthunk - ok

13:41:39.0550 1168 L1C (01c711667abedf8148998f3ac91991db) C:\Windows\system32\DRIVERS\L1C62x64.sys

13:41:39.0613 1168 L1C - ok

13:41:39.0663 1168 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:41:39.0786 1168 lltdio - ok

13:41:39.0867 1168 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

13:41:39.0916 1168 LSI_FC - ok

13:41:39.0958 1168 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

13:41:40.0006 1168 LSI_SAS - ok

13:41:40.0054 1168 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

13:41:40.0097 1168 LSI_SAS2 - ok

13:41:40.0146 1168 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

13:41:40.0193 1168 LSI_SCSI - ok

13:41:40.0238 1168 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:41:40.0353 1168 luafv - ok

13:41:40.0430 1168 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

13:41:40.0471 1168 MBAMProtector - ok

13:41:40.0511 1168 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

13:41:40.0555 1168 megasas - ok

13:41:40.0601 1168 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

13:41:40.0655 1168 MegaSR - ok

13:41:40.0720 1168 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:41:40.0835 1168 Modem - ok

13:41:40.0867 1168 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:41:40.0935 1168 monitor - ok

13:41:41.0010 1168 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

13:41:41.0050 1168 mouclass - ok

13:41:41.0086 1168 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:41:41.0157 1168 mouhid - ok

13:41:41.0237 1168 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:41:41.0282 1168 mountmgr - ok

13:41:41.0335 1168 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

13:41:41.0383 1168 MpFilter - ok

13:41:41.0439 1168 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:41:41.0486 1168 mpio - ok

13:41:41.0531 1168 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

13:41:41.0573 1168 MpNWMon - ok

13:41:41.0597 1168 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:41:41.0701 1168 mpsdrv - ok

13:41:41.0774 1168 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:41:41.0905 1168 MRxDAV - ok

13:41:41.0984 1168 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:41:42.0056 1168 mrxsmb - ok

13:41:42.0129 1168 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:41:42.0206 1168 mrxsmb10 - ok

13:41:42.0251 1168 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:41:42.0304 1168 mrxsmb20 - ok

13:41:42.0375 1168 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:41:42.0418 1168 msahci - ok

13:41:42.0519 1168 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:41:42.0567 1168 msdsm - ok

13:41:42.0625 1168 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:41:42.0724 1168 Msfs - ok

13:41:42.0755 1168 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:41:42.0873 1168 mshidkmdf - ok

13:41:42.0955 1168 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:41:42.0998 1168 msisadrv - ok

13:41:43.0037 1168 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:41:43.0146 1168 MSKSSRV - ok

13:41:43.0207 1168 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:41:43.0327 1168 MSPCLOCK - ok

13:41:43.0376 1168 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:41:43.0487 1168 MSPQM - ok

13:41:43.0564 1168 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:41:43.0617 1168 MsRPC - ok

13:41:43.0657 1168 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

13:41:43.0697 1168 mssmbios - ok

13:41:43.0725 1168 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:42:01.0451 1168 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:42:01.0599 1168 \Device\Harddisk0\DR0 - ok

13:42:01.0605 1168 Boot (0x1200) (6b6af39dee9fe60768d4708f1c0edf37) \Device\Harddisk0\DR0\Partition0

13:42:01.0607 1168 \Device\Harddisk0\DR0\Partition0 - ok

13:42:01.0608 1168 ============================================================

13:42:01.0608 1168 Scan finished

13:42:01.0608 1168 ============================================================

13:42:01.0635 4780 Detected object count: 0

13:42:01.0635 4780 Actual detected object count: 0


Looks OK....now we can run ComboFix:

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


That's Good News :)

As far as the tools we used, the only insight I can give you is for TDSSKiller and OTL; both are public tools.

OTL:

http://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/

TDSSKiller:

http://support.kaspersky.com/faq/?qid=208280684

The rest are all confidential and really shouldn't be used except when instructed to by an Expert.

Doing so without guidance can result in an unbootable computer, loss of internet connection, etc.

If you would like to become a malware fighter, there are several schools available...let me know.

------------------

Please uninstall ComboFix:

Click on the Start button and then in the Search field enter combofix /uninstall

Please note that there is a space between combofix and /uninstall.

Once you have typed this in, press Enter on your keyboard.

An Open File security warning will appear asking if you are sure you want to run ComboFix.

Please click on the Run button to start the program.

ComboFix will now uninstall itself from your computer and remove any backups and quarantined files.

When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.

You can now delete the ComboFix.exe program from your computer.

ComboFix has now been uninstalled from your Windows Vista or Windows 7 computer.

---------------

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

--------------

Java™ 6 Update 26 <--- should be 29

Please update your Java > it's located in your Control Panel > open it up > Update

------------

Any questions...please post back.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Have a Good Holiday and New Year!


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

