
Thread: A dirty little bug is in my house

  1. #11

    ok...here's the greek...aka...'puter speak, from that scan.

    18:06:19.0752 1136 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
    18:06:20.0160 1136 ============================================================
    18:06:20.0160 1136 Current date / time: 2011/10/31 18:06:20.0160
    18:06:20.0160 1136 SystemInfo:
    18:06:20.0160 1136
    18:06:20.0161 1136 OS Version: 6.0.6002 ServicePack: 2.0
    18:06:20.0161 1136 Product type: Workstation
    18:06:20.0161 1136 ComputerName: FAMILY-PC
    18:06:20.0162 1136 UserName: Family
    18:06:20.0162 1136 Windows directory: C:\Windows
    18:06:20.0162 1136 System windows directory: C:\Windows
    18:06:20.0162 1136 Processor architecture: Intel x86
    18:06:20.0162 1136 Number of processors: 2
    18:06:20.0162 1136 Page size: 0x1000
    18:06:20.0162 1136 Boot type: Normal boot
    18:06:20.0162 1136 ============================================================
    18:06:21.0114 1136 Initialize success
    18:06:22.0487 2168 ============================================================
    18:06:22.0487 2168 Scan started
    18:06:22.0487 2168 Mode: Manual;
    18:06:22.0487 2168 ============================================================
    18:06:49.0360 2168 usbohci - ok
    18:06:49.0451 2168 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    18:06:49.0456 2168 usbprint - ok
    18:06:49.0562 2168 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    18:06:49.0566 2168 usbscan - ok
    18:06:49.0646 2168 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    18:06:49.0650 2168 USBSTOR - ok
    18:06:49.0720 2168 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    18:06:49.0724 2168 usbuhci - ok
    18:06:49.0829 2168 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
    18:06:49.0835 2168 usbvideo - ok
    18:06:49.0907 2168 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
    18:06:49.0911 2168 usb_rndisx - ok
    18:06:50.0028 2168 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
    18:06:50.0031 2168 vga - ok
    18:06:50.0110 2168 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    18:06:50.0116 2168 VgaSave - ok
    18:06:50.0176 2168 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
    18:06:50.0180 2168 viaagp - ok
    18:06:50.0306 2168 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    18:06:50.0309 2168 ViaC7 - ok
    18:06:50.0385 2168 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
    18:06:50.0388 2168 viaide - ok
    18:06:50.0457 2168 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    18:06:50.0461 2168 volmgr - ok
    18:06:50.0548 2168 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    18:06:50.0557 2168 volmgrx - ok
    18:06:50.0679 2168 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    18:06:50.0686 2168 volsnap - ok
    18:06:50.0842 2168 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    18:06:50.0848 2168 vsmraid - ok
    18:06:51.0006 2168 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    18:06:51.0008 2168 WacomPen - ok
    18:06:51.0077 2168 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    18:06:51.0081 2168 Wanarp - ok
    18:06:51.0102 2168 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    18:06:51.0105 2168 Wanarpv6 - ok
    18:06:51.0263 2168 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    18:06:51.0266 2168 Wd - ok
    18:06:51.0361 2168 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    18:06:51.0396 2168 Wdf01000 - ok
    18:06:51.0619 2168 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    18:06:51.0654 2168 winachsf - ok
    18:06:51.0893 2168 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    18:06:51.0896 2168 WmiAcpi - ok
    18:06:52.0119 2168 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    18:06:52.0123 2168 WpdUsb - ok
    18:06:52.0195 2168 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    18:06:52.0205 2168 ws2ifsl - ok
    18:06:52.0442 2168 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    18:06:52.0446 2168 WUDFRd - ok
    18:06:52.0546 2168 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
    18:06:52.0548 2168 XAudio - ok
    18:06:52.0648 2168 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    18:06:52.0692 2168 \Device\Harddisk0\DR0 - ok
    18:06:52.0715 2168 Boot (0x1200) (b36b2b1cf28f89c9eb2043708663ea66) \Device\Harddisk0\DR0\Partition0
    18:06:52.0739 2168 \Device\Harddisk0\DR0\Partition0 - ok
    18:06:52.0750 2168 Boot (0x1200) (bf8884cc45984339a36a4361ad4c2dbd) \Device\Harddisk0\DR0\Partition1
    18:06:52.0752 2168 \Device\Harddisk0\DR0\Partition1 - ok
    18:06:52.0758 2168 ============================================================
    18:06:52.0758 2168 Scan finished
    18:06:52.0758 2168 ============================================================
    18:06:52.0792 4672 Detected object count: 0
    18:06:52.0792 4672 Actual detected object count: 0

  2. #12
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi mnyyoungs,

    TDSSKiller looked good.
    -----------

    • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
      Code:
      File::
      c:\windows\system32\c_41644.nl_
      c:\windows\System32\drivers\bpfvii.sys
      c:\windows\system32\ConduitEngine.tmp
      
      Firefox::
      FF - ProfilePath - c:\users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\85q3ua9k.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
      
      RegLock::
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      @Denied: (2) (LocalSystem)
      "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,f0,d9,f8,d9,92,fd,4d,ae,29,ae,\
      "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,f0,d9,f8,d9,92,fd,4d,ae,29,ae,\
      "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,f0,d9,f8,d9,92,fd,4d,ae,29,ae,\
      
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      
      RegNull::
      [HKEY_USERS\S-1-5-21-2740605613-3585765697-2305856818-1000\Software\SecuROM\License information*]
      "datasecu"=hex:cb,cc,19,08,d8,6d,2e,40,1a,65,bb,68,0a,b9,d8,3d,ed,1e,80,69,df,
      e9,de,db,27,4a,44,51,86,72,49,6f,cd,da,71,56,3c,29,57,35,4a,5a,58,0d,a3,ce,\
      "rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49
      
      Driver::
      qgdttjh
    • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.


    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
    • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
    • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

    CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
    ----------

  3. #13
    Member
    Join Date
    Oct 2011
    Posts
    81

    Am working on running, as described, but the program has stalled at:

    "deleting files"

    Does this mean it's done? Please advise.

    THANKS!!!!

  4. #14
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi mnyyoungs,

    If ComboFix stalls just go ahead and run it again using the instructions I provided before. If you still have problems just let me know.

  5. #15
    Member
    Join Date
    Oct 2011
    Posts
    81


    urg....quick q. Should the blue box say anything in it when I've followed your directions re: notebook, disable any clean-ware, and drag note-file into ComboFix? I get nadda...blue box opens...cursor bounces...and nothing else...also getting A LOT of Spybot notices about changes to the system....no Spybot in the tray to disable...so I didn't...but should I be getting notices of system changes, at this point unless it's that bug I've got?

  6. #16
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi mnyyoungs,

    I am sorry you are having these troubles. This infection that is on your system is the real-deal so this may take some time.

    What I would like for you to do is just uninstall Spybot completely. We can reinstall it later. Go to Control Panel > Programs and Features and then delete Spybot.
    ------------

    Delete your ComboFix icon and then get a fresh copy using the links I provided earlier. Once you get a fresh copy of ComboFix please try to run the cfscript.txt that we created earlier. If you are still having problems let me know.

  7. #17
    Member
    Join Date
    Oct 2011
    Posts
    81

    Hi Jeff....ComboFix removed and re-installed after I removed Spybot. I'm still waiting for a log, but the program has been hung up on "Completed Stage__50" for quite some time.

    Now as far as my data that I'd like to save from this laptop...since this does not seem to be going well. Would Word, Excel, PowerPoint files, photos and some .exe extensions....be affected by this rootkit that I don't seem to be able to give the bootkick to?

    Also, WHO makes these nasty things...do these delinquent masterminds really get what they want when they cause this havoc to people? I mean, really...I believe in Karma, so I'd hope they get "theirs" but besides Karma, does "Big Brother" find them and take them to one of North America's plush prisons? Seriously, WHO does this crap and why?

  8. #18
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi mnyyoungs,

    Quote:
      WHO makes these nasty things...do these delinquent masterminds really get what they want when they cause this havoc to people?
    LOL!! I have no idea but they do get more creative.

    As far as what you should back up, I have been treating this with the idea that ANY .exe should be considered infected throughout the system. Saving photos, music, word documents and such should be just fine but nothing else. Absolutely no .exe files at all though.

    If ComboFix has not completed yet, go ahead and reboot then take a look in your C:\ drive and look for the most recent copy of ComboFix.txt and post that into your next reply.
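
The backup rule from the post above (keep photos, music and documents, leave every .exe behind), as an added example that is not part of the original thread: a Python script that plans such a backup and also rejects files whose content starts with the Windows executable signature `MZ`, even when the extension looks harmless. The extension allow-list, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed allow-list of personal data types (not taken from the thread).
ALLOWED = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx",
           ".jpg", ".jpeg", ".png", ".mp3", ".txt", ".pdf"}
VERDICTS = ("copy", "skip-extension", "skip-executable-content", "skip-unreadable")

def classify(path):
    """Decide whether one file belongs in the backup."""
    if os.path.splitext(path)[1].lower() not in ALLOWED:
        return "skip-extension"
    try:
        with open(path, "rb") as fh:
            magic = fh.read(2)
    except OSError:
        return "skip-unreadable"
    # Windows executables (EXE, DLL, SYS, SCR) begin with the bytes "MZ"
    # whatever they are named, so a binary renamed to .pdf is caught here.
    return "skip-executable-content" if magic == b"MZ" else "copy"

def plan_backup(root):
    """Walk root and group relative paths by verdict; nothing is copied."""
    plan = {verdict: [] for verdict in VERDICTS}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            plan[classify(full)].append(os.path.relpath(full, root))
    return {verdict: sorted(paths) for verdict, paths in plan.items()}

def demo():
    """Build a constructed sample tree and return its backup plan."""
    samples = {  # constructed file contents, not real documents or malware
        "report.docx": b"PK\x03\x04 constructed document",
        "holiday.JPG": b"\xff\xd8\xff\xe0 constructed photo",
        "setup.exe": b"MZ constructed program",
        "invoice.pdf": b"MZ\x90\x00 constructed binary renamed to .pdf",
        os.path.join("Music", "song.mp3"): b"ID3 constructed audio",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)
        return plan_backup(root)

if __name__ == "__main__":
    for verdict, paths in demo().items():
        print(verdict, paths)
```

The `MZ` check only catches native Windows executables; it says nothing about macros or scripts inside documents, so scan the backup from a clean machine before opening anything.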

  9. #19
    Member
    Join Date
    Oct 2011
    Posts
    81

    I've followed the steps you mentioned in your last post. I've followed them and it's still getting hung up at the same place. There is NO Log in the C: drive either.....any further suggestions? Now, if I was using ehemmmm, Adult sites, or opening those incessant emails about how I've won a gazillion dollars from a long lost uncle, I wouldn't be so angry about this computer trauma....but I'm a clean surfer! lol.

    I'm afraid to use my click-free to back up my personal files....I wonder if this nasty bug is what caused my external hard drive to give up the fight a few weeks ago....it wasn't that old....garrrrrrr.

  10. #20
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi mnyyoungs,

    Quote:
      I wouldn't be so angry about this computer trauma....but I'm a clean surfer! lol.
    It is amazing the places that people can pick up these infections. There is just never any way to really tell.

    Let's try something different. You will need a jump drive for this next part (or a CD).
    • I want you to delete ComboFix from your desktop.
    • Download a fresh copy of ComboFix to a USB drive from another computer, but before saving it to the USB drive I want you to rename it to svchost.exe.
    • Now transfer it to the infected computer and save it to C:\Windows.
    • Now move the CFScript.txt that you made on your desktop to C:\Windows as well.
    • Drag the cfscript.txt onto svchost.exe and let it run.


    If there is a log created post that into your next reply. If you still have problems let me know.
