
Please help.

On boot - computer not connected to internet. Get McAfee alert "Your computer is at risk" Real-time scanning is off...

When I connect earthlink dsl I can get to homepage but also got random webpages loading - yellow pages and some tech newsletter...

Downloaded mbam, updated - scans for about 10 seconds then disappears.

Try to re-access I get message "Windows cannot access specific device, path or file. You may not have the appropriate permissions to access the item."

Have tried in normal and safe mode.

Finally got it to perform quickscan in safe mode. Ran for 27 seconds and detected nothing...

Can't access internet in safe mode even with networking.

So back to normal mode.

Ran rkill.

Downloaded DeFogger, saw no errors - did not get prompt to reboot. Rebooted manually. Found DeFogger-disable log on desktop:

_____________

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 11:39 on 26/09/2011 (Foolz-C)

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

___________________

Downloaded dds.scr - could not run. Opened in notepad with garbage characters. Went to McAfee to see if I could figure out how to "disable script blocker" - HOW DO YOU DO THAT? Downloaded the McAfee virtual technician - recommended product upgrade (wow that was helpful)

No dds.scr log

Re-booted

Downloaded root kit scanner

Hit run, hit scan - froze on SAVE...

Ran r-kill again - killed root scanner too

Ran root scan again - disappeared after a few seconds. Tried again and got "Windows cannot access specific device..." AARGH.

So no root scan log.

In the meantime I have gotten mb errors and this stupid McAfee alert keeps coming up. And I have retyped this 3 times because I couldn't send it in an e-mail - froze the PC and had to hard reboot.

At wit's end - help appreciated.


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

-screen317


Thank you for your response.

tdss log:

20:52:08.0843 3120 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43

20:52:10.0140 3120 ============================================================

20:52:10.0140 3120 Current date / time: 2011/09/27 20:52:10.0140

20:52:10.0140 3120 SystemInfo:

20:52:10.0140 3120

20:52:10.0140 3120 OS Version: 5.1.2600 ServicePack: 3.0

20:52:10.0140 3120 Product type: Workstation

20:52:10.0140 3120 ComputerName: FOOLZ3

20:52:10.0140 3120 UserName: Foolz-C

20:52:10.0140 3120 Windows directory: C:\WINDOWS

20:52:10.0140 3120 System windows directory: C:\WINDOWS

20:52:10.0140 3120 Processor architecture: Intel x86

20:52:10.0140 3120 Number of processors: 1

20:52:10.0140 3120 Page size: 0x1000

20:52:10.0140 3120 Boot type: Normal boot

20:52:10.0140 3120 ============================================================

20:52:11.0437 3120 Initialize success

20:52:20.0734 3284 ============================================================

20:52:20.0734 3284 Scan started

20:52:20.0734 3284 Mode: Manual;

20:52:20.0734 3284 ============================================================

20:52:24.0109 3284 fdb16b06 (0c7d7d0c609dc78f4fe9a4231d49e8f3) C:\WINDOWS\107721213:38704377.exe

20:52:25.0656 3284 Suspicious file (Hidden): C:\WINDOWS\107721213:38704377.exe. md5: 0c7d7d0c609dc78f4fe9a4231d49e8f3

20:52:25.0656 3284 fdb16b06 ( HiddenFile.Multi.Generic ) - warning

20:52:25.0656 3284 fdb16b06 - detected HiddenFile.Multi.Generic (1)


20:52:40.0812 3284 WmXlCore - ok

20:52:40.0859 3284 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

20:52:40.0859 3284 WS2IFSL - ok

20:52:40.0953 3284 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

20:52:40.0953 3284 WSTCODEC - ok

20:52:41.0031 3284 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

20:52:41.0031 3284 WudfPf - ok

20:52:41.0062 3284 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

20:52:41.0062 3284 WudfRd - ok

20:52:41.0109 3284 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0

20:52:41.0125 3284 \Device\Harddisk0\DR0 - ok

20:52:41.0140 3284 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk1\DR1

20:52:41.0140 3284 \Device\Harddisk1\DR1 - ok

20:52:41.0187 3284 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR8

20:52:41.0218 3284 \Device\Harddisk2\DR8 - ok

20:52:41.0234 3284 Boot (0x1200) (043b12ade416ed4f47d53cb88d8070ad) \Device\Harddisk0\DR0\Partition0

20:52:41.0234 3284 \Device\Harddisk0\DR0\Partition0 - ok

20:52:41.0250 3284 Boot (0x1200) (043b12ade416ed4f47d53cb88d8070ad) \Device\Harddisk1\DR1\Partition0

20:52:41.0250 3284 \Device\Harddisk1\DR1\Partition0 - ok

20:52:41.0265 3284 Boot (0x1200) (ed86f6070cf1486a8346500b2ae6e1a4) \Device\Harddisk2\DR8\Partition0

20:52:41.0265 3284 \Device\Harddisk2\DR8\Partition0 - ok

20:52:41.0281 3284 ============================================================

20:52:41.0281 3284 Scan finished

20:52:41.0281 3284 ============================================================

20:52:41.0281 3316 Detected object count: 1

20:52:41.0281 3316 Actual detected object count: 1

20:53:11.0046 3316 C:\WINDOWS\107721213:38704377.exe - copied to quarantine

20:53:11.0046 3316 fdb16b06 ( HiddenFile.Multi.Generic ) - User select action: Quarantine

20:53:42.0578 3132 Deinitialize success

________

Downloaded dds again and had the same result (see above re: McAfee):

Notepad opened dds.scr - the first part of it looks like this (nothing "scanned" or created a log file):


Should I disable McAfee?

Is there a "script blocker" somewhere I need to turn off?

Thanks for your help.


  • Staff

Hi,

Skip DDS for now.

Download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

Link to post
Share on other sites

I did get dds to run after finding the answer to that issue on bleepingcomputer. It opened in notepad because of a file assoc issue related to AutoCad. But I wasn't able to upload anymore.

Have a diagnosis of ZeroAccess from a Malwarebytes service tech. So my computer is away visiting my techie brother for verification and to determine whether my ghosted backup is also infected.

Sending this from my phone.

Thanks for the response finally .... 

This topic is now closed to further replies.