Dell Vista X32 Won't hibernate, sleep, shut down when lid is closed

[HawkZ28]

Just tried it after clean boot. Still nothing- same error message.

 

[HawkZ28]

Go to search type services
Make sure that Volume shadow copy services is set to manual
and that Remote Procedure call is set to automatic and running

Remote Procedure Call and Remote Procedure Call Locator? Locator is set to manual.

Is this what you were referring to in the even viewer?

 

[richc46]

I think my last post will nail this. Forget the past, you just turned it on and off, when turned on it goes to default. Default will do a SR on all the drives. Reset that then test, it will work (I hope)
Event viewer just gives the problems, they have to be solved by going to services. I do not think that will be necessaary if you set restore only for C.

Step 6 shows what you have to change
http://www.vistax64.com/tutorials/66971-system-restore.html

Information that you should know
Each drive that can be backed up with SR has those points saved on that drive. That cannot be changed.
If one drive does not have sufficient space, you cannot back up on any drive
The solution, and Im sure we nailed this sucker, is to change the setting to back up only C. You have enough space and it will be saved on C and the other drives will not matter.

 

[HawkZ28]

Ok, I reset it- I turned SR off, rebooted, turned it back on, and attempted.

Also, SR only 'sees' C - it doesn't see D or E. I don't remember if that's always been the case, or if that's part of the problem. Results are attached.

THANKS again for your help, patience, and persistence!!!

 

[richc46]

I am sure that you checked the box for C
If you did, lets go further back than square one.
Download and run malwarebytes at full scan and after updated
Run a full anti virus scan.
I dont really think that this will lead anywhere, but everything else seems to be set correctly.

 

[richc46]

Try this too, increase the space available for restore. What you are backing up may be too large for the space that you have set aside.

 

[HawkZ28]

I ran the malwarebytes and have a screenie of what it found. The last one I'm not sure what it is/was.

I'm waiting on trend micro to do a scan, and will follow up with windows defender.

Also, I increased from 30gb to 50, and then 100gb, and it still wouldn't create a restore point.

 

[richc46]

I will get help, trojans are not good.
After our security people remove the trojan. I will continue to help you. Hopefully this may be the cause of the Restore problem
Glad that we found it. One seems to be involved with registry; not good.

 

[Jacee]

Have you done this?
1. Click on Start, type Services.msc in Start Search. In the following windows look for Volume Shadow Copy service.
2. Right click on Volume Shadow Copy service (VSS) and Check if it is started.
3. If it is stopped select Start or Restart.
Make sure that the service is started and set as Automatic.

If that still doen't work, then...
Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

• Double click combofix.exe and follow the prompts.
• When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply.
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix

 

[HawkZ28]

I've attached what I've got. I won't have a chance to test anything else out until later tonight.

Also, when I ran Hijackthis, I didn't check the 'scan and fix stuff', just scan and produce the log. Took about 10 seconds if that.

THANKS again to both of you for all your help!!!! I really appreciate it!!!

 

[richc46]

Jacee will get the malware out and then if SR does not work we can go back there.
Jacee mentioned setting the Volume Shadow Copy to automatic give that a try. I have mine set to manual because I dont want points made on schedule, but when I want them. In your situation give automatic a try, you have one strange problem.

 

[Jacee]

Looks like you had/have a Rootkit! "Bootkit TDL4 was found and disinfected"

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.

• If TDSSKiller does not run, try renaming it.
• To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
• Click the Start Scan button.
• Do not use the computer during the scan
• If the scan completes with nothing found, click Close to exit.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
• A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKillerwill be created and saved to the root directory (usually Local Disk C.
• Copy and paste the contents of that file in your next reply.

 

[HawkZ28]

Done. Here you go....


2011/01/14 06:27:50.0680 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:11
2011/01/14 06:27:50.0680 ================================================================================
2011/01/14 06:27:50.0680 SystemInfo:
2011/01/14 06:27:50.0680
2011/01/14 06:27:50.0680 OS Version: 6.0.6002 ServicePack: 2.0
2011/01/14 06:27:50.0681 Product type: Workstation
2011/01/14 06:27:50.0681 ComputerName: RHAWKINS-PC
2011/01/14 06:27:50.0681 UserName: RHawkins
2011/01/14 06:27:50.0681 Windows directory: C:\Windows
2011/01/14 06:27:50.0681 System windows directory: C:\Windows
2011/01/14 06:27:50.0681 Processor architecture: Intel x86
2011/01/14 06:27:50.0681 Number of processors: 2
2011/01/14 06:27:50.0681 Page size: 0x1000
2011/01/14 06:27:50.0681 Boot type: Normal boot
2011/01/14 06:27:50.0681 ================================================================================
2011/01/14 06:27:51.0257 Initialize success
2011/01/14 06:27:59.0906 ================================================================================
2011/01/14 06:27:59.0906 Scan started
2011/01/14 06:27:59.0906 Mode: Manual;
2011/01/14 06:27:59.0906 ================================================================================
2011/01/14 06:28:00.0682 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/01/14 06:28:00.0789 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/01/14 06:28:00.0931 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/01/14 06:28:01.0034 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/01/14 06:28:01.0208 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/01/14 06:28:01.0339 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/01/14 06:28:01.0449 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/01/14 06:28:01.0528 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/01/14 06:28:01.0662 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys
2011/01/14 06:28:01.0773 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/01/14 06:28:01.0836 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys
2011/01/14 06:28:01.0891 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/01/14 06:28:01.0981 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/01/14 06:28:02.0048 androidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
2011/01/14 06:28:02.0119 ApfiltrService (448da519f3b6ffa158c513156053181e) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/01/14 06:28:02.0216 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/01/14 06:28:02.0272 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/01/14 06:28:02.0371 ASPI (e54e27976e2c5a6465d44c10b1d87ac0) C:\Windows\System32\DRIVERS\ASPI32.sys
2011/01/14 06:28:02.0443 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/01/14 06:28:02.0507 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/01/14 06:28:02.0576 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/01/14 06:28:02.0728 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/01/14 06:28:02.0808 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/01/14 06:28:02.0860 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/01/14 06:28:02.0902 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/01/14 06:28:02.0988 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/01/14 06:28:03.0076 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/01/14 06:28:03.0123 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/01/14 06:28:03.0282 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/01/14 06:28:03.0384 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/01/14 06:28:03.0467 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/01/14 06:28:03.0536 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/01/14 06:28:03.0702 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/01/14 06:28:03.0798 btusbflt (24b6f65f80ebe0111e7807769ae3d6c0) C:\Windows\system32\drivers\btusbflt.sys
2011/01/14 06:28:03.0869 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
2011/01/14 06:28:03.0944 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
2011/01/14 06:28:04.0197 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/01/14 06:28:04.0437 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/01/14 06:28:04.0503 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/01/14 06:28:04.0580 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/01/14 06:28:04.0707 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/01/14 06:28:04.0836 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/01/14 06:28:05.0037 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys
2011/01/14 06:28:05.0130 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/01/14 06:28:05.0323 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/01/14 06:28:05.0453 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/01/14 06:28:05.0607 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
2011/01/14 06:28:05.0904 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/01/14 06:28:06.0094 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/01/14 06:28:06.0317 DLABMFSM (a53723176d0002feb486eff8e17812f2) C:\Windows\system32\DLA\DLABMFSM.SYS
2011/01/14 06:28:06.0574 DLABOIOM (d4587063acea776699251e177d719586) C:\Windows\system32\DLA\DLABOIOM.SYS
2011/01/14 06:28:06.0723 DLACDBHM (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS
2011/01/14 06:28:06.0833 DLADResM (c950c2e7b9ed1a4fc4a2ac7ec044f1d6) C:\Windows\system32\DLA\DLADResM.SYS
2011/01/14 06:28:06.0927 DLAIFS_M (24400137e387a24410c52a591f3cfb4d) C:\Windows\system32\DLA\DLAIFS_M.SYS
2011/01/14 06:28:07.0056 DLAOPIOM (29a303feceb28641ecebdae89eb71c63) C:\Windows\system32\DLA\DLAOPIOM.SYS
2011/01/14 06:28:07.0208 DLAPoolM (c93e33a22a1ae0c5508f3fb1f6d0a50c) C:\Windows\system32\DLA\DLAPoolM.SYS
2011/01/14 06:28:07.0275 DLARTL_M (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS
2011/01/14 06:28:07.0410 DLAUDFAM (b953498c35a31e5ac98f49adbcf3e627) C:\Windows\system32\DLA\DLAUDFAM.SYS
2011/01/14 06:28:07.0620 DLAUDF_M (4897704c093c1f59ce58fc65e1e1ef1e) C:\Windows\system32\DLA\DLAUDF_M.SYS
2011/01/14 06:28:07.0748 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/01/14 06:28:07.0844 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\Windows\system32\Drivers\DRVMCDB.SYS
2011/01/14 06:28:07.0939 DRVNDDM (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS
2011/01/14 06:28:08.0018 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2011/01/14 06:28:08.0136 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/01/14 06:28:08.0213 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/01/14 06:28:08.0303 elagopro (7ec42ec12a4bac14bcca99fb06f2d125) C:\Windows\system32\DRIVERS\elagopro.sys
2011/01/14 06:28:08.0374 elaunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\elaunidr.sys
2011/01/14 06:28:08.0508 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/01/14 06:28:08.0703 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/01/14 06:28:08.0815 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/01/14 06:28:08.0918 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/01/14 06:28:08.0980 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/01/14 06:28:09.0056 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/01/14 06:28:09.0130 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/01/14 06:28:09.0195 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/01/14 06:28:09.0324 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/01/14 06:28:09.0389 FTD2XX (07a83a2e070357075c2056810c67c9e4) C:\Windows\system32\Drivers\FTD2XX.sys
2011/01/14 06:28:09.0464 fvevol (fecf4c2e42440a8d132bf94eee3c3fc9) C:\Windows\system32\DRIVERS\fvevol.sys
2011/01/14 06:28:09.0564 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/01/14 06:28:09.0710 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
2011/01/14 06:28:09.0798 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/01/14 06:28:09.0889 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/01/14 06:28:09.0996 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/01/14 06:28:10.0071 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/01/14 06:28:10.0246 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/01/14 06:28:10.0385 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/01/14 06:28:10.0469 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/01/14 06:28:10.0529 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/01/14 06:28:10.0660 iaStor (5df93509037399b53d3ecaa8a67b6c58) C:\Windows\system32\DRIVERS\iaStor.sys
2011/01/14 06:28:10.0772 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/01/14 06:28:10.0892 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/01/14 06:28:10.0961 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/01/14 06:28:11.0006 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/01/14 06:28:11.0097 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/01/14 06:28:11.0289 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/01/14 06:28:11.0383 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/01/14 06:28:11.0507 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/01/14 06:28:11.0587 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/01/14 06:28:11.0686 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/01/14 06:28:11.0741 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/01/14 06:28:11.0826 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/01/14 06:28:11.0885 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/01/14 06:28:11.0945 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/01/14 06:28:12.0014 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/01/14 06:28:12.0159 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/01/14 06:28:12.0245 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/01/14 06:28:12.0405 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/01/14 06:28:12.0506 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/01/14 06:28:12.0636 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/01/14 06:28:12.0773 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/01/14 06:28:12.0910 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/01/14 06:28:13.0014 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/01/14 06:28:13.0097 motandroidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
2011/01/14 06:28:13.0203 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
2011/01/14 06:28:13.0342 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/01/14 06:28:13.0398 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/14 06:28:13.0504 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/01/14 06:28:13.0592 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/01/14 06:28:13.0688 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/14 06:28:13.0843 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/01/14 06:28:13.0906 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/01/14 06:28:13.0968 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/14 06:28:14.0034 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/14 06:28:14.0114 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/14 06:28:14.0225 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
2011/01/14 06:28:14.0297 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/01/14 06:28:14.0389 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/01/14 06:28:14.0448 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/01/14 06:28:14.0583 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/14 06:28:14.0657 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/14 06:28:14.0741 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/01/14 06:28:14.0858 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/01/14 06:28:15.0032 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/14 06:28:15.0141 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/01/14 06:28:15.0229 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/01/14 06:28:15.0326 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/14 06:28:15.0436 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/01/14 06:28:15.0540 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/14 06:28:15.0630 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/14 06:28:15.0692 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/14 06:28:15.0775 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/01/14 06:28:15.0867 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/14 06:28:15.0932 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/14 06:28:16.0114 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/01/14 06:28:16.0408 NETw5v32 (9ca26dccf0b84a6ff2b54fbb2a94520b) C:\Windows\system32\DRIVERS\NETw5v32.sys
2011/01/14 06:28:16.0705 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/01/14 06:28:16.0827 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/01/14 06:28:16.0900 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/14 06:28:17.0064 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/01/14 06:28:17.0305 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/01/14 06:28:17.0383 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/01/14 06:28:17.0761 nvlddmkm (8fe5350fa6a9f0b6633aee811c468954) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/01/14 06:28:18.0495 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys
2011/01/14 06:28:18.0561 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
2011/01/14 06:28:18.0654 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/01/14 06:28:18.0873 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2011/01/14 06:28:18.0967 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2011/01/14 06:28:19.0032 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/01/14 06:28:19.0115 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/01/14 06:28:19.0185 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/01/14 06:28:19.0291 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/01/14 06:28:19.0392 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/01/14 06:28:19.0471 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys
2011/01/14 06:28:19.0625 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/01/14 06:28:19.0893 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/01/14 06:28:20.0063 pnetmdm (da19e3401f39c10df193be029c7e7bba) C:\Windows\system32\DRIVERS\pnetmdm.sys
2011/01/14 06:28:20.0167 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/14 06:28:20.0303 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/01/14 06:28:20.0399 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/14 06:28:20.0447 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/01/14 06:28:20.0564 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/01/14 06:28:20.0820 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/01/14 06:28:20.0906 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/14 06:28:20.0994 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/14 06:28:21.0072 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/14 06:28:21.0150 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/14 06:28:21.0235 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/14 06:28:21.0318 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/14 06:28:21.0411 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/14 06:28:21.0494 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
2011/01/14 06:28:21.0558 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/14 06:28:21.0635 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/01/14 06:28:21.0845 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/01/14 06:28:21.0918 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/01/14 06:28:21.0967 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/01/14 06:28:22.0009 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/01/14 06:28:22.0079 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2011/01/14 06:28:22.0200 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/14 06:28:22.0274 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/01/14 06:28:22.0392 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/01/14 06:28:22.0462 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/01/14 06:28:22.0581 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/01/14 06:28:22.0662 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/01/14 06:28:22.0761 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/01/14 06:28:22.0896 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/01/14 06:28:22.0943 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/01/14 06:28:23.0037 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/01/14 06:28:23.0083 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/01/14 06:28:23.0165 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/01/14 06:28:23.0232 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/01/14 06:28:23.0316 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/01/14 06:28:23.0449 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/01/14 06:28:23.0548 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/01/14 06:28:23.0662 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/01/14 06:28:23.0817 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/01/14 06:28:23.0914 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/01/14 06:28:24.0030 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\Windows\system32\Drivers\sskbfd.sys
2011/01/14 06:28:24.0108 STHDA (68a0d39e357dd7a234b1d4f1e844c615) C:\Windows\system32\drivers\stwrt.sys
2011/01/14 06:28:24.0190 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/01/14 06:28:24.0291 sxuptp (86083b04dc2b90397f4b47add6eaa407) C:\Windows\system32\DRIVERS\sxuptp.sys
2011/01/14 06:28:24.0383 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/01/14 06:28:24.0442 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/01/14 06:28:24.0492 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/01/14 06:28:24.0585 t3 (7d044dffee4f57047bb3ba3ce62f29d5) C:\Windows\system32\drivers\t3.sys
2011/01/14 06:28:24.0766 tbhsd (77bd6143c6dce0a1bf7b5571bed860dc) C:\Windows\system32\drivers\tbhsd.sys
2011/01/14 06:28:24.0858 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/01/14 06:28:25.0000 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/01/14 06:28:25.0097 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/01/14 06:28:25.0160 TcUsb (a54b8fc62db00c018eafafb47d00511e) C:\Windows\system32\Drivers\tcusb.sys
2011/01/14 06:28:25.0223 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/01/14 06:28:25.0292 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/01/14 06:28:25.0381 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/01/14 06:28:25.0449 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/01/14 06:28:25.0538 tmcfw (3929c6784db38788d76a88d9c4043dee) C:\Windows\system32\DRIVERS\TM_CFW.sys
2011/01/14 06:28:25.0703 tmpreflt (0c89809f1df614bd42093a446b222a32) C:\Windows\system32\DRIVERS\tmpreflt.sys
2011/01/14 06:28:25.0816 tmtdi (264ea39fdebd0b5e9d49d79923ed91ad) C:\Windows\system32\DRIVERS\tmtdi.sys
2011/01/14 06:28:25.0880 tmxpflt (3d473e97ff805dab903aa66f08286c90) C:\Windows\system32\drivers\TmXPFlt.sys
2011/01/14 06:28:26.0081 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/01/14 06:28:26.0205 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/01/14 06:28:26.0263 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/01/14 06:28:26.0347 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/01/14 06:28:26.0414 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/01/14 06:28:26.0509 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/01/14 06:28:26.0630 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/01/14 06:28:26.0759 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/01/14 06:28:26.0822 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/01/14 06:28:26.0928 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/01/14 06:28:27.0080 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/01/14 06:28:27.0218 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/01/14 06:28:27.0330 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/01/14 06:28:27.0500 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/01/14 06:28:27.0578 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/01/14 06:28:27.0666 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/01/14 06:28:27.0767 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/01/14 06:28:27.0853 usbsermpt (caad3467fbfae8a380f67e9c7150a85e) C:\Windows\system32\DRIVERS\usbsermpt.sys
2011/01/14 06:28:28.0015 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/01/14 06:28:28.0083 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/01/14 06:28:28.0240 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/01/14 06:28:28.0360 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/01/14 06:28:28.0487 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/01/14 06:28:28.0701 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/01/14 06:28:28.0844 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/01/14 06:28:28.0947 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
2011/01/14 06:28:29.0099 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/01/14 06:28:29.0258 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/01/14 06:28:29.0357 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/01/14 06:28:29.0517 vsapint (50e1ea1dd3ea74919d7a1c5d6c9c0b56) C:\Windows\system32\DRIVERS\vsapint.sys
2011/01/14 06:28:29.0744 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/01/14 06:28:29.0919 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/01/14 06:28:30.0047 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/14 06:28:30.0105 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/14 06:28:30.0266 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/01/14 06:28:30.0426 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/14 06:28:30.0653 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
2011/01/14 06:28:30.0794 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/01/14 06:28:30.0878 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/14 06:28:31.0082 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/14 06:28:31.0180 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/01/14 06:28:31.0231 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/01/14 06:28:31.0236 ================================================================================
2011/01/14 06:28:31.0236 Scan finished
2011/01/14 06:28:31.0236 ================================================================================
2011/01/14 06:28:31.0248 Detected object count: 1
2011/01/14 06:28:51.0747 \HardDisk0 - will be cured after reboot
2011/01/14 06:28:51.0748 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/01/14 06:28:59.0310 Deinitialize success

 

[richc46]

The way things turned out, it was actually a good thing that you had problems with the System R. We may have not discovered this Malware and you may have had bigger problems down the road.

 

[HawkZ28]

AMEN! I could only imagine how the frustration of dealing with my laptop would've been the least worrisome aspect!!!!!

 

[richc46]

Trust me when I tell you this. I got you one of the best to help. You will rid of this problem and be like new, again.
Look how awful this thing is
Rootkit - Wikipedia, the free encyclopedia
And these so called people that create these things, disable System Restore because they know that they can be removed if restore works. I think once this is solved, with a few adjustments you will be up and running like new

 

[Jacee]

Because your computer has been badly compromised, You need to change all your passwords using a known 'clean' computer, not this one. If you have any critical information on this computer, Banking and credit card institutions should be notified of the possible security breech.

If you haven't rebooted, please do so, then ..
Rescan with combofix, following my instructions above. Post both HJT and CF logs for me to review.

 

[HawkZ28]

Here you go.....

THANKS for the headsup- looks like we'll be doing everything from either my wife's laptop or our phones for a bit. We'll be redoing passwords and contacting everyone tonight.

 

[HawkZ28]

Also, I tried everything all over again in regards to SR- turned off, rebooted, turned it on and tried to create a point. No dice.

 

[richc46]

Im pretty sure that you will not get that SR working until the Virus is gone. I think that the Virus shuts off SR to make it more difficult to remove.

You dont want points,now, anyway that will be infected. If you ever restored with one, the virus would be back.