Jump to content

Please help! I'm infected - What do I do now?

jbarter

By jbarter
in Resolved Malware Removal Logs

 Share

Recommended Posts

jbarter

jbarter

Posted
Posted

Hi

I Appear to have a backdoor agent infecting my machine... any help you can offer would be greatly appreciated.

I have run DDS, following text generated

DDS.txt...............

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_24

Run by Jeremy Barter at 17:06:04 on 2011-11-07

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3070.1873 [GMT 0:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\explorer.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local

uWinlogon: Shell=c:\users\jeremy barter\appdata\local\de5890cc\X

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

uRun: [{E56E37E2-8F84-83E4-A2A4-95F15A7C8CBE}] "c:\users\jeremy barter\appdata\roaming\bozoytf\acmyte.exe"

mRun: [<NO NAME>]

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{582586D9-86CC-46AB-8DA2-45EDC31813B6} : DhcpNameServer = 192.168.1.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\jeremy barter\appdata\roaming\mozilla\firefox\profiles\yd8mqwcz.default\

FF - prefs.js: browser.search.selectedEngine - Custom search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk

FF - prefs.js: keyword.URL - hxxp://www.starwebsearch.com/results.php?q=

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll

FF - plugin: c:\users\jeremy barter\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2011-8-10 158000]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2011-8-10 93488]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-12-29 366152]

R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\norton pc checkup\engine\2.0.2.506\ccSvcHst.exe [2009-12-9 126392]

R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2008-3-12 674048]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-29 22216]

R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr61.sys [2009-6-10 335872]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-6-3 27632]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2011-7-19 104752]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2011-7-19 116016]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c98deac4499b39;Google Update Service (gupdate1c98deac4499b39);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]

S3 camdrv41;Philips SPC 900NC PC Camera;c:\windows\system32\drivers\camdrv41.sys [2007-4-23 1347584]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-6-3 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-6-2 86824]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-6-2 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-6-2 114600]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-6-2 108328]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-6-2 26024]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-6-2 104616]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-6-2 109736]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup\norton pc checkup\engine\2.0.2.506\SymcPCCULaunchSvc.exe [2009-12-9 120248]

S4 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-6-2 90112]

S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]

.

=============== Created Last 30 ================

.

2011-11-07 16:55:48 -------- d-----w- c:\users\jeremy barter\appdata\roaming\Supuez

2011-11-07 16:55:48 -------- d-----w- c:\users\jeremy barter\appdata\roaming\Bozoytf

2011-11-07 16:20:10 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c7d27614-e722-444e-8705-1c60f7ed5964}\offreg.dll

2011-11-04 15:37:01 -------- d-sh--w- c:\users\jeremy barter\appdata\local\de5890cc

2011-11-04 07:32:43 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c7d27614-e722-444e-8705-1c60f7ed5964}\mpengine.dll

2011-10-31 16:00:00 -------- d-----w- c:\users\jeremy barter\appdata\roaming\DVDVideoSoft

2011-10-31 15:59:56 -------- d-----w- c:\users\jeremy barter\appdata\roaming\DVDVideoSoftIEHelpers

2011-10-31 15:43:53 -------- d-----w- c:\program files\YoutubeDownloader.org

2011-10-14 17:51:16 -------- d-----w- c:\program files\Easy DVD Player

.

==================== Find3M ====================

.

2011-09-04 12:32:12 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 17:06:19.21 ===============

ATTACH.txt.........................

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 08/08/2008 15:41:28

System Uptime: 07/11/2011 16:19:42 (1 hours ago)

.

Motherboard: DIXONSXP | | MS-7358

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | CPU 1 | 2400/267mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 287 GiB total, 97.313 GiB free.

E: is CDROM (UDF)

F: is Removable

G: is Removable

H: is Removable

I: is Removable

S: is FIXED (NTFS) - 1 GiB total, 1.417 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP2395: 16/10/2011 00:00:01 - Scheduled Checkpoint

RP2397: 17/10/2011 00:00:01 - Scheduled Checkpoint

RP2399: 18/10/2011 00:00:01 - Scheduled Checkpoint

RP2401: 18/10/2011 12:09:18 - Windows Update

RP2403: 20/10/2011 00:00:02 - Scheduled Checkpoint

RP2405: 21/10/2011 00:00:01 - Scheduled Checkpoint

RP2407: 21/10/2011 22:17:36 - Windows Update

RP2409: 23/10/2011 00:00:06 - Scheduled Checkpoint

RP2411: 24/10/2011 00:00:05 - Scheduled Checkpoint

RP2413: 25/10/2011 05:42:53 - Scheduled Checkpoint

RP2415: 25/10/2011 07:40:25 - Windows Update

RP2417: 26/10/2011 - Scheduled Checkpoint

RP2419: 27/10/2011 00:00:03 - Scheduled Checkpoint

RP2421: 28/10/2011 00:32:39 - Scheduled Checkpoint

RP2423: 28/10/2011 15:37:21 - Windows Update

RP2425: 30/10/2011 09:05:42 - Scheduled Checkpoint

RP2427: 31/10/2011 - Scheduled Checkpoint

RP2429: 01/11/2011 00:00:02 - Scheduled Checkpoint

RP2431: 01/11/2011 20:16:27 - Windows Update

RP2433: 03/11/2011 00:00:01 - Scheduled Checkpoint

RP2435: 04/11/2011 00:00:01 - Scheduled Checkpoint

RP2437: 04/11/2011 07:32:37 - Windows Update

RP2439: 05/11/2011 - Scheduled Checkpoint

RP2441: 06/11/2011 00:00:01 - Scheduled Checkpoint

RP2443: 06/11/2011 13:23:51 - Scheduled Checkpoint

RP2445: 07/11/2011 16:54:43 - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

2xAV Plug-In for WMP

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.0

Adobe Shockwave Player 11.6

Any Video Converter 3.0.5

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATV 1.0

Audacity 1.2.6

BOINC

Bonjour

Cisco Connect

Compatibility Pack for the 2007 Office system

Creative Jukebox Driver

Dixon Hybrid TV Tuner Card BDA Driver

Easy Banner Creator 1.3

Easy DVD Player 2.0

FLV Player 2.0 (build 25)

Google Earth

Google Update Helper

Google Updater

Governor of Poker

GTA San Andreas

Half-Life

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® PRO Network Connections Drivers

iTunes

Jakarta Motorcross Challenge 1.0

Java Auto Updater

Java DB 10.5.3.0

Java 6 Update 24

Java 6 Update 7

Java SE Development Kit 6 Update 22

Malwarebytes' Anti-Malware version 1.51.2.1300

MCE Software Encoder 1.1

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Works

Miro

Mozilla Firefox 7.0.1 (x86 en-GB)

Napster

Napster Burn Engine

Norton PC Checkup

NVIDIA Drivers

OpenOffice.org 3.2

Oracle VM VirtualBox 4.1.0

PartyPoker

Philips SPC 900NC PC Camera

Poker Academy

PokerStars

Power2Go

QuickTime

Realtek High Definition Audio Driver

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Sony Ericsson PC Suite 6.011.00

Spare Messaging

Strawberry Perl

Super-Bikes Riding Challenge

swMSM

TextPad 5

TomTom HOME 2.8.2.2264

TomTom HOME Visual Studio Merge Modules

Tunatic

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Service

VLC media player 0.9.9

Windows Live installer

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Toolbar

Windows Live Writer

Windows Media Player Firefox Plugin

WinRAR archiver

ZENcast Organizer

.

==== Event Viewer Messages From Past Week ========

.

07/11/2011 16:20:13, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.103 for the Network Card with network address 001D9217E5F0 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

07/11/2011 05:14:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

07/11/2011 05:14:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

07/11/2011 05:14:25, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC i8042prt NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx VBoxDrv VBoxUSBMon Wanarpv6

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2011 05:14:25, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2011 05:13:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

07/11/2011 05:13:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

07/11/2011 05:13:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

07/11/2011 05:13:51, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

07/11/2011 05:13:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

07/11/2011 05:13:16, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .

07/11/2011 05:13:16, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

07/11/2011 05:13:15, Error: EventLog [6008] - The previous system shutdown at 21:12:23 on 06/11/2011 was unexpected.

06/11/2011 11:58:05, Error: EventLog [6008] - The previous system shutdown at 11:56:04 on 06/11/2011 was unexpected.

04/11/2011 15:44:16, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

04/11/2011 15:42:55, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.6 for the Network Card with network address 001D9217E5F0 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

04/11/2011 15:42:48, Error: EventLog [6008] - The previous system shutdown at 15:39:24 on 04/11/2011 was unexpected.

.

==== End Of File ===========================

Thanks for your time.

Link to post
Share on other sites
Elise

Elise

Posted
Posted

Hello, and :welcome:

Lets do an additional rootkit scan here first.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Link to post
Share on other sites
jbarter

jbarter

Posted
  • Author
Posted

Hi I have run the TDSSKiller app but it found no problems...

16:04:20.0684 3560 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15

16:04:21.0028 3560 ============================================================

16:04:21.0028 3560 Current date / time: 2011/11/11 16:04:21.0028

16:04:21.0028 3560 SystemInfo:

16:04:21.0028 3560

16:04:21.0028 3560 OS Version: 6.0.6001 ServicePack: 1.0

16:04:21.0028 3560 Product type: Workstation

16:04:21.0028 3560 ComputerName: JEREMYBARTER-PC

16:04:21.0028 3560 UserName: Jeremy Barter

16:04:21.0028 3560 Windows directory: C:\Windows

16:04:21.0028 3560 System windows directory: C:\Windows

16:04:21.0028 3560 Processor architecture: Intel x86

16:04:21.0028 3560 Number of processors: 4

16:04:21.0028 3560 Page size: 0x1000

16:04:21.0028 3560 Boot type: Normal boot

16:04:21.0028 3560 ============================================================

16:04:22.0227 3560 Initialize success

16:04:25.0134 2308 ============================================================

16:04:25.0134 2308 Scan started

16:04:25.0134 2308 Mode: Manual;

16:04:25.0134 2308 ============================================================

16:04:27.0993 2308 3xHybrid (396538550667e0e2f5771b23e10154c2) C:\Windows\system32\DRIVERS\3xHybrid.sys

16:04:28.0009 2308 3xHybrid - ok

16:04:28.0056 2308 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

16:04:28.0056 2308 ACPI - ok

16:04:28.0087 2308 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

16:04:28.0103 2308 adp94xx - ok

16:04:28.0118 2308 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

16:04:28.0118 2308 adpahci - ok

16:04:28.0181 2308 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

16:04:28.0197 2308 adpu160m - ok

16:04:28.0212 2308 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

16:04:28.0212 2308 adpu320 - ok

16:04:28.0259 2308 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys

16:04:28.0259 2308 AFD - ok

16:04:28.0322 2308 AgereSoftModem (5d97943c128ed756d1b0a08302c1b1f8) C:\Windows\system32\DRIVERS\AGRSM.sys

16:04:28.0337 2308 AgereSoftModem - ok

16:04:28.0400 2308 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

16:04:28.0400 2308 agp440 - ok

16:04:28.0431 2308 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

16:04:28.0431 2308 aic78xx - ok

16:04:28.0462 2308 aliide (cc373bbc3fd0605b87cd14bd14ddeb77) C:\Windows\system32\drivers\aliide.sys

16:04:28.0462 2308 aliide - ok

16:04:28.0509 2308 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

16:04:28.0509 2308 amdagp - ok

16:04:28.0540 2308 amdide (4838c4620d501ae2c009d337ccaddc63) C:\Windows\system32\drivers\amdide.sys

16:04:28.0540 2308 amdide - ok

16:04:28.0572 2308 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

16:04:28.0572 2308 AmdK7 - ok

16:04:28.0603 2308 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

16:04:28.0603 2308 AmdK8 - ok

16:04:28.0681 2308 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

16:04:28.0681 2308 arc - ok

16:04:28.0697 2308 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

16:04:28.0712 2308 arcsas - ok

16:04:28.0759 2308 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

16:04:28.0759 2308 AsyncMac - ok

16:04:28.0806 2308 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

16:04:28.0806 2308 atapi - ok

16:04:28.0853 2308 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

16:04:28.0853 2308 Beep - ok

16:04:28.0868 2308 blbdrive - ok

16:04:28.0947 2308 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

16:04:28.0947 2308 bowser - ok

16:04:29.0009 2308 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

16:04:29.0009 2308 BrFiltLo - ok

16:04:29.0009 2308 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

16:04:29.0009 2308 BrFiltUp - ok

16:04:29.0040 2308 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

16:04:29.0040 2308 Brserid - ok

16:04:29.0056 2308 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

16:04:29.0056 2308 BrSerWdm - ok

16:04:29.0072 2308 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

16:04:29.0087 2308 BrUsbMdm - ok

16:04:29.0087 2308 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

16:04:29.0087 2308 BrUsbSer - ok

16:04:29.0118 2308 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

16:04:29.0118 2308 BTHMODEM - ok

16:04:29.0165 2308 camdrv41 (2948ebd41fa73c5743162a5c49ebf224) C:\Windows\system32\DRIVERS\camdrv41.sys

16:04:29.0181 2308 camdrv41 - ok

16:04:29.0259 2308 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

16:04:29.0259 2308 cdfs - ok

16:04:29.0353 2308 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

16:04:29.0353 2308 cdrom - ok

16:04:29.0400 2308 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

16:04:29.0400 2308 circlass - ok

16:04:29.0447 2308 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

16:04:29.0447 2308 CLFS - ok

16:04:29.0478 2308 CmBatt (0fed59edb4a83ff17f1778827b88ab1a) C:\Windows\system32\DRIVERS\CmBatt.sys

16:04:29.0478 2308 CmBatt - ok

16:04:29.0525 2308 cmdide (e7fd00f9016e3ca48c0d2a65602032ca) C:\Windows\system32\drivers\cmdide.sys

16:04:29.0525 2308 cmdide - ok

16:04:29.0572 2308 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

16:04:29.0572 2308 Compbatt - ok

16:04:29.0603 2308 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

16:04:29.0603 2308 crcdisk - ok

16:04:29.0618 2308 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

16:04:29.0618 2308 Crusoe - ok

16:04:29.0665 2308 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

16:04:29.0665 2308 DfsC - ok

16:04:29.0728 2308 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

16:04:29.0728 2308 disk - ok

16:04:29.0806 2308 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

16:04:29.0806 2308 drmkaud - ok

16:04:29.0868 2308 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

16:04:29.0868 2308 DXGKrnl - ok

16:04:29.0931 2308 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys

16:04:29.0931 2308 e1express - ok

16:04:29.0962 2308 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

16:04:29.0962 2308 E1G60 - ok

16:04:30.0072 2308 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

16:04:30.0072 2308 Ecache - ok

16:04:30.0118 2308 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

16:04:30.0118 2308 elxstor - ok

16:04:30.0197 2308 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

16:04:30.0197 2308 exfat - ok

16:04:30.0228 2308 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

16:04:30.0228 2308 fastfat - ok

16:04:30.0322 2308 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

16:04:30.0337 2308 fdc - ok

16:04:30.0368 2308 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

16:04:30.0368 2308 FileInfo - ok

16:04:30.0431 2308 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

16:04:30.0447 2308 Filetrace - ok

16:04:30.0478 2308 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

16:04:30.0478 2308 flpydisk - ok

16:04:30.0525 2308 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

16:04:30.0525 2308 FltMgr - ok

16:04:30.0556 2308 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

16:04:30.0556 2308 Fs_Rec - ok

16:04:30.0587 2308 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

16:04:30.0587 2308 gagp30kx - ok

16:04:30.0665 2308 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:04:30.0665 2308 GEARAspiWDM - ok

16:04:30.0697 2308 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys

16:04:30.0697 2308 ggflt - ok

16:04:30.0728 2308 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys

16:04:30.0728 2308 ggsemc - ok

16:04:30.0790 2308 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

16:04:30.0790 2308 HdAudAddService - ok

16:04:30.0837 2308 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:04:30.0837 2308 HDAudBus - ok

16:04:31.0087 2308 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

16:04:31.0103 2308 HidBth - ok

16:04:31.0134 2308 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

16:04:31.0134 2308 HidIr - ok

16:04:31.0197 2308 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

16:04:31.0212 2308 HidUsb - ok

16:04:31.0259 2308 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

16:04:31.0259 2308 HpCISSs - ok

16:04:31.0306 2308 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

16:04:31.0322 2308 HTTP - ok

16:04:31.0368 2308 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

16:04:31.0368 2308 i2omp - ok

16:04:31.0447 2308 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

16:04:31.0447 2308 i8042prt - ok

16:04:31.0556 2308 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys

16:04:31.0572 2308 ialm - ok

16:04:31.0618 2308 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

16:04:31.0618 2308 iaStorV - ok

16:04:31.0650 2308 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

16:04:31.0650 2308 iirsp - ok

16:04:31.0728 2308 IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys

16:04:31.0728 2308 IntcAzAudAddService - ok

16:04:31.0790 2308 intelide (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys

16:04:31.0790 2308 intelide - ok

16:04:31.0900 2308 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

16:04:31.0900 2308 intelppm - ok

16:04:31.0978 2308 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:04:31.0978 2308 IpFilterDriver - ok

16:04:31.0978 2308 IpInIp - ok

16:04:31.0993 2308 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

16:04:32.0009 2308 IPMIDRV - ok

16:04:32.0040 2308 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

16:04:32.0040 2308 IPNAT - ok

16:04:32.0072 2308 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

16:04:32.0072 2308 IRENUM - ok

16:04:32.0165 2308 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

16:04:32.0181 2308 isapnp - ok

16:04:32.0259 2308 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

16:04:32.0275 2308 iScsiPrt - ok

16:04:32.0290 2308 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

16:04:32.0290 2308 iteatapi - ok

16:04:32.0306 2308 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

16:04:32.0306 2308 iteraid - ok

16:04:32.0353 2308 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

16:04:32.0353 2308 kbdclass - ok

16:04:32.0712 2308 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

16:04:32.0728 2308 kbdhid - ok

16:04:32.0822 2308 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

16:04:32.0853 2308 KSecDD - ok

16:04:32.0947 2308 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

16:04:32.0947 2308 lltdio - ok

16:04:33.0040 2308 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

16:04:33.0040 2308 LSI_FC - ok

16:04:33.0056 2308 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

16:04:33.0056 2308 LSI_SAS - ok

16:04:33.0087 2308 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

16:04:33.0087 2308 LSI_SCSI - ok

16:04:33.0134 2308 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

16:04:33.0134 2308 luafv - ok

16:04:33.0165 2308 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

16:04:33.0165 2308 MBAMProtector - ok

16:04:33.0197 2308 MBAMSwissArmy - ok

16:04:33.0228 2308 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

16:04:33.0228 2308 megasas - ok

16:04:33.0275 2308 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

16:04:33.0275 2308 Modem - ok

16:04:33.0322 2308 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

16:04:33.0322 2308 monitor - ok

16:04:33.0478 2308 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

16:04:33.0493 2308 mouclass - ok

16:04:33.0572 2308 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

16:04:33.0572 2308 mouhid - ok

16:04:33.0618 2308 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

16:04:33.0618 2308 MountMgr - ok

16:04:33.0665 2308 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

16:04:33.0665 2308 mpio - ok

16:04:33.0697 2308 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

16:04:33.0697 2308 mpsdrv - ok

16:04:33.0728 2308 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

16:04:33.0728 2308 Mraid35x - ok

16:04:33.0759 2308 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

16:04:33.0759 2308 MRxDAV - ok

16:04:33.0790 2308 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:04:33.0790 2308 mrxsmb - ok

16:04:33.0868 2308 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:04:33.0868 2308 mrxsmb10 - ok

16:04:33.0884 2308 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:04:33.0884 2308 mrxsmb20 - ok

16:04:33.0915 2308 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

16:04:33.0915 2308 msahci - ok

16:04:33.0947 2308 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

16:04:33.0947 2308 msdsm - ok

16:04:33.0993 2308 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

16:04:33.0993 2308 Msfs - ok

16:04:34.0056 2308 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

16:04:34.0056 2308 msisadrv - ok

16:04:34.0103 2308 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

16:04:34.0103 2308 MSKSSRV - ok

16:04:34.0118 2308 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

16:04:34.0118 2308 MSPCLOCK - ok

16:04:34.0165 2308 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

16:04:34.0165 2308 MSPQM - ok

16:04:34.0212 2308 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

16:04:34.0212 2308 MsRPC - ok

16:04:34.0228 2308 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

16:04:34.0228 2308 mssmbios - ok

16:04:34.0243 2308 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

16:04:34.0243 2308 MSTEE - ok

16:04:34.0290 2308 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

16:04:34.0290 2308 Mup - ok

16:04:34.0353 2308 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

16:04:34.0353 2308 NativeWifiP - ok

16:04:34.0431 2308 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

16:04:34.0431 2308 NDIS - ok

16:04:34.0493 2308 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

16:04:34.0493 2308 NdisTapi - ok

16:04:34.0540 2308 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

16:04:34.0540 2308 Ndisuio - ok

16:04:34.0572 2308 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

16:04:34.0572 2308 NdisWan - ok

16:04:34.0618 2308 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

16:04:34.0618 2308 NDProxy - ok

16:04:34.0634 2308 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

16:04:34.0634 2308 NetBIOS - ok

16:04:34.0681 2308 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

16:04:34.0681 2308 netbt - ok

16:04:34.0759 2308 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys

16:04:34.0790 2308 NETw3v32 - ok

16:04:34.0837 2308 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

16:04:34.0837 2308 nfrd960 - ok

16:04:34.0853 2308 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

16:04:34.0853 2308 Npfs - ok

16:04:34.0884 2308 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

16:04:34.0884 2308 nsiproxy - ok

16:04:34.0978 2308 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

16:04:34.0993 2308 Ntfs - ok

16:04:35.0040 2308 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

16:04:35.0040 2308 ntrigdigi - ok

16:04:35.0103 2308 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

16:04:35.0103 2308 Null - ok

16:04:35.0259 2308 nvlddmkm (1eeda71e7e1e8862d5b532d9ebd7369e) C:\Windows\system32\DRIVERS\nvlddmkm.sys

16:04:35.0368 2308 nvlddmkm - ok

16:04:35.0447 2308 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

16:04:35.0447 2308 nvraid - ok

16:04:35.0462 2308 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

16:04:35.0462 2308 nvstor - ok

16:04:35.0462 2308 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

16:04:35.0462 2308 nv_agp - ok

16:04:35.0478 2308 NwlnkFlt - ok

16:04:35.0478 2308 NwlnkFwd - ok

16:04:35.0525 2308 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

16:04:35.0525 2308 ohci1394 - ok

16:04:35.0556 2308 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

16:04:35.0556 2308 Parport - ok

16:04:35.0603 2308 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

16:04:35.0603 2308 partmgr - ok

16:04:35.0665 2308 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

16:04:35.0665 2308 Parvdm - ok

16:04:35.0712 2308 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

16:04:35.0712 2308 pci - ok

16:04:35.0743 2308 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

16:04:35.0743 2308 pciide - ok

16:04:35.0775 2308 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

16:04:35.0775 2308 pcmcia - ok

16:04:35.0822 2308 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

16:04:35.0822 2308 PEAUTH - ok

16:04:35.0915 2308 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

16:04:35.0915 2308 PptpMiniport - ok

16:04:35.0947 2308 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

16:04:35.0947 2308 Processor - ok

16:04:35.0993 2308 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

16:04:36.0009 2308 PSched - ok

16:04:36.0040 2308 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys

16:04:36.0040 2308 PxHelp20 - ok

16:04:36.0103 2308 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

16:04:36.0118 2308 ql2300 - ok

16:04:36.0165 2308 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

16:04:36.0181 2308 ql40xx - ok

16:04:36.0212 2308 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

16:04:36.0212 2308 QWAVEdrv - ok

16:04:36.0259 2308 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

16:04:36.0259 2308 RasAcd - ok

16:04:36.0322 2308 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:04:36.0322 2308 Rasl2tp - ok

16:04:36.0353 2308 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

16:04:36.0353 2308 RasPppoe - ok

16:04:36.0384 2308 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

16:04:36.0384 2308 RasSstp - ok

16:04:36.0447 2308 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

16:04:36.0447 2308 rdbss - ok

16:04:36.0493 2308 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:04:36.0493 2308 RDPCDD - ok

16:04:36.0525 2308 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

16:04:36.0525 2308 rdpdr - ok

16:04:36.0556 2308 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

16:04:36.0556 2308 RDPENCDD - ok

16:04:36.0587 2308 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

16:04:36.0587 2308 RDPWD - ok

16:04:36.0634 2308 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

16:04:36.0634 2308 rspndr - ok

16:04:36.0728 2308 rt61x86 (dd0bacc94b640abd17901557814e0bff) C:\Windows\system32\DRIVERS\netr61.sys

16:04:36.0728 2308 rt61x86 - ok

16:04:36.0743 2308 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys

16:04:36.0759 2308 RTL8169 - ok

16:04:36.0775 2308 s0017bus (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys

16:04:36.0775 2308 s0017bus - ok

16:04:36.0853 2308 s0017mdfl (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys

16:04:36.0853 2308 s0017mdfl - ok

16:04:36.0900 2308 s0017mdm (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys

16:04:36.0900 2308 s0017mdm - ok

16:04:36.0947 2308 s0017mgmt (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys

16:04:36.0947 2308 s0017mgmt - ok

16:04:36.0993 2308 s0017nd5 (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys

16:04:36.0993 2308 s0017nd5 - ok

16:04:37.0040 2308 s0017obex (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys

16:04:37.0040 2308 s0017obex - ok

16:04:37.0087 2308 s0017unic (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys

16:04:37.0087 2308 s0017unic - ok

16:04:37.0118 2308 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

16:04:37.0118 2308 sbp2port - ok

16:04:37.0150 2308 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

16:04:37.0150 2308 secdrv - ok

16:04:37.0212 2308 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys

16:04:37.0212 2308 seehcri - ok

16:04:37.0259 2308 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

16:04:37.0259 2308 Serenum - ok

16:04:37.0290 2308 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

16:04:37.0290 2308 Serial - ok

16:04:37.0337 2308 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

16:04:37.0337 2308 sermouse - ok

16:04:37.0368 2308 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys

16:04:37.0384 2308 sffdisk - ok

16:04:37.0384 2308 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys

16:04:37.0400 2308 sffp_mmc - ok

16:04:37.0400 2308 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys

16:04:37.0400 2308 sffp_sd - ok

16:04:37.0462 2308 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

16:04:37.0462 2308 sfloppy - ok

16:04:37.0478 2308 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

16:04:37.0478 2308 sisagp - ok

16:04:37.0493 2308 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

16:04:37.0493 2308 SiSRaid2 - ok

16:04:37.0509 2308 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

16:04:37.0525 2308 SiSRaid4 - ok

16:04:37.0556 2308 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

16:04:37.0556 2308 Smb - ok

16:04:37.0618 2308 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

16:04:37.0618 2308 spldr - ok

16:04:37.0665 2308 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

16:04:37.0665 2308 srv - ok

16:04:37.0728 2308 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

16:04:37.0728 2308 srv2 - ok

16:04:37.0743 2308 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

16:04:37.0743 2308 srvnet - ok

16:04:37.0806 2308 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

16:04:37.0806 2308 swenum - ok

16:04:37.0822 2308 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

16:04:37.0837 2308 Symc8xx - ok

16:04:37.0837 2308 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

16:04:37.0853 2308 Sym_hi - ok

16:04:37.0868 2308 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

16:04:37.0868 2308 Sym_u3 - ok

16:04:37.0947 2308 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

16:04:37.0962 2308 Tcpip - ok

16:04:38.0009 2308 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

16:04:38.0009 2308 Tcpip6 - ok

16:04:38.0165 2308 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

16:04:38.0165 2308 tcpipreg - ok

16:04:38.0212 2308 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

16:04:38.0212 2308 TDPIPE - ok

16:04:38.0212 2308 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

16:04:38.0212 2308 TDTCP - ok

16:04:38.0259 2308 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

16:04:38.0259 2308 tdx - ok

16:04:38.0322 2308 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

16:04:38.0322 2308 TermDD - ok

16:04:38.0353 2308 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:04:38.0353 2308 tssecsrv - ok

16:04:38.0368 2308 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

16:04:38.0368 2308 tunmp - ok

16:04:38.0415 2308 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

16:04:38.0415 2308 tunnel - ok

16:04:38.0447 2308 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

16:04:38.0447 2308 uagp35 - ok

16:04:38.0493 2308 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

16:04:38.0493 2308 udfs - ok

16:04:38.0509 2308 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

16:04:38.0509 2308 uliagpkx - ok

16:04:38.0525 2308 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

16:04:38.0540 2308 uliahci - ok

16:04:38.0556 2308 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

16:04:38.0556 2308 UlSata - ok

16:04:38.0572 2308 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

16:04:38.0572 2308 ulsata2 - ok

16:04:38.0618 2308 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

16:04:38.0618 2308 umbus - ok

16:04:38.0697 2308 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys

16:04:38.0697 2308 USBAAPL - ok

16:04:38.0759 2308 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys

16:04:38.0759 2308 usbaudio - ok

16:04:38.0806 2308 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

16:04:38.0806 2308 usbccgp - ok

16:04:38.0822 2308 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

16:04:38.0822 2308 usbcir - ok

16:04:38.0868 2308 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

16:04:38.0868 2308 usbehci - ok

16:04:38.0931 2308 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

16:04:38.0931 2308 usbhub - ok

16:04:38.0978 2308 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

16:04:38.0978 2308 usbohci - ok

16:04:39.0025 2308 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

16:04:39.0025 2308 usbprint - ok

16:04:39.0087 2308 usbser (a96191470581a7091420d25ecd444502) C:\Windows\system32\DRIVERS\usbser.sys

16:04:39.0103 2308 usbser - ok

16:04:39.0150 2308 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:04:39.0150 2308 USBSTOR - ok

16:04:39.0165 2308 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

16:04:39.0165 2308 usbuhci - ok

16:04:39.0228 2308 VBoxDrv (30c64b663efebc34c0070838bcca32ef) C:\Windows\system32\DRIVERS\VBoxDrv.sys

16:04:39.0228 2308 VBoxDrv - ok

16:04:39.0290 2308 VBoxNetAdp (3d4b1f1f81ef8813348c01081f8b2a17) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

16:04:39.0290 2308 VBoxNetAdp - ok

16:04:39.0322 2308 VBoxNetFlt (634b2797abf28158d1667500c78ce6d1) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

16:04:39.0322 2308 VBoxNetFlt - ok

16:04:39.0353 2308 VBoxUSBMon (6aeaf649ef06dbb3f83efe2249472e38) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys

16:04:39.0353 2308 VBoxUSBMon - ok

16:04:39.0415 2308 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

16:04:39.0415 2308 vga - ok

16:04:39.0462 2308 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

16:04:39.0462 2308 VgaSave - ok

16:04:39.0493 2308 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

16:04:39.0493 2308 viaagp - ok

16:04:39.0509 2308 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

16:04:39.0509 2308 ViaC7 - ok

16:04:39.0525 2308 viaide (48c9b50cddd51a205f7aa1639b3d4822) C:\Windows\system32\drivers\viaide.sys

16:04:39.0525 2308 viaide - ok

16:04:39.0587 2308 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

16:04:39.0587 2308 volmgr - ok

16:04:39.0618 2308 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

16:04:39.0634 2308 volmgrx - ok

16:04:39.0681 2308 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

16:04:39.0681 2308 volsnap - ok

16:04:39.0712 2308 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

16:04:39.0712 2308 vsmraid - ok

16:04:39.0743 2308 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

16:04:39.0759 2308 WacomPen - ok

16:04:39.0790 2308 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

16:04:39.0790 2308 Wanarp - ok

16:04:39.0790 2308 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

16:04:39.0790 2308 Wanarpv6 - ok

16:04:39.0853 2308 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

16:04:39.0853 2308 Wd - ok

16:04:39.0900 2308 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

16:04:39.0900 2308 Wdf01000 - ok

16:04:39.0962 2308 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys

16:04:39.0962 2308 WmiAcpi - ok

16:04:40.0025 2308 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

16:04:40.0025 2308 WpdUsb - ok

16:04:40.0072 2308 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

16:04:40.0072 2308 ws2ifsl - ok

16:04:40.0150 2308 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:04:40.0150 2308 WUDFRd - ok

16:04:40.0181 2308 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

16:04:40.0197 2308 \Device\Harddisk0\DR0 - ok

16:04:40.0197 2308 Boot (0x1200) (41e2aaa28ebccc9337a4a32df794d47d) \Device\Harddisk0\DR0\Partition0

16:04:40.0197 2308 \Device\Harddisk0\DR0\Partition0 - ok

16:04:40.0212 2308 Boot (0x1200) (d5b054a9ee1e620f19211da034451b04) \Device\Harddisk0\DR0\Partition1

16:04:40.0212 2308 \Device\Harddisk0\DR0\Partition1 - ok

16:04:40.0212 2308 ============================================================

16:04:40.0212 2308 Scan finished

16:04:40.0212 2308 ============================================================

16:04:40.0212 3848 Detected object count: 0

16:04:40.0212 3848 Actual detected object count: 0

16:05:20.0587 2252 Deinitialize success

Any further advice would be really appreciated.

Many Thanks

Link to post
Share on other sites
Elise

Elise

Posted
Posted

Hi again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

Link to post
Share on other sites
  • 2 weeks later...
  • 3 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.