Posts posted by lisa58
-
Everything seems to be okay now. Thanks.
-
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8253
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/27/2011 3:28:09 PM
mbam-log-2011-11-27 (15-28-09).txt
Scan type: Quick scan
Objects scanned: 213491
Time elapsed: 13 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I still don't see all the programs when I click Start-Programs. No disk scan or defragment.
-
Here is the new report.
15:06:06.0373 14060 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
15:06:06.0702 14060 ============================================================
15:06:06.0702 14060 Current date / time: 2011/11/27 15:06:06.0702
15:06:06.0702 14060 SystemInfo:
15:06:06.0702 14060
15:06:06.0702 14060 OS Version: 5.1.2600 ServicePack: 3.0
15:06:06.0702 14060 Product type: Workstation
15:06:06.0702 14060 ComputerName: EMACHINE
15:06:06.0702 14060 UserName: Owner
15:06:06.0702 14060 Windows directory: C:\WINDOWS
15:06:06.0702 14060 System windows directory: C:\WINDOWS
15:06:06.0702 14060 Processor architecture: Intel x86
15:06:06.0702 14060 Number of processors: 1
15:06:06.0702 14060 Page size: 0x1000
15:06:06.0702 14060 Boot type: Normal boot
15:06:06.0702 14060 ============================================================
15:06:07.0858 14060 Initialize success
15:06:09.0514 12952 ============================================================
15:06:09.0514 12952 Scan started
15:06:09.0514 12952 Mode: Manual;
15:06:09.0514 12952 ============================================================
15:07:25.0764 12952 Suspicious service (Hidden): UACd.sys
15:07:26.0092 12952 UACd.sys (ffd7cfafe1ffdc032087a7a6636b99a2) C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys
15:07:26.0092 12952 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
15:07:26.0092 12952 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
15:07:26.0092 12952 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - infected
15:07:26.0092 12952 UACd.sys - detected Rootkit.Win32.TDSS.tdl2 (0)
15:07:35.0420 12952 ============================================================
15:07:35.0420 12952 Scan finished
15:07:35.0420 12952 ============================================================
15:07:35.0452 11244 Detected object count: 1
15:07:35.0452 11244 Actual detected object count: 1
15:07:46.0873 11244 C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys - copied to quarantine
15:07:46.0873 11244 C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys - copied to quarantine
15:07:47.0139 11244 C:\WINDOWS\system32\UACgplbdltxeakxqvnuk.dll - copied to quarantine
15:07:47.0686 11244 C:\WINDOWS\system32\UACnpjvcuorcyqmihuhw.dat - copied to quarantine
15:07:48.0467 11244 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - User select action: Quarantine
-
Do you mean quarantine or delete? Those are the only options besides skip.
-
Here are the results.
DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_02
Run by Owner at 14:13:53 on 2011-11-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.303 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gamesbar\SearchEngineProtection.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\program files\real\realplayer\update\realsched.exe
c:\program files\real\realplayer\RealPlay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://search.imesh.com/sidebar.html?src=ssb
uSearchMigratedDefaultURL = hxxp://www.Google.com/
uDefault_Search_URL = hxxp://www.Google.com/
mDefault_Search_URL = hxxp://www.Google.com/
mSearch Page = hxxp://www.Google.com/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.Google.com/
mSearchURL = hxxp://www.Google.com/
mSearchAssistant = hxxp://search.imesh.com/sidebar.html?src=ssb
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: FCToolbarURLSearchHook Class: {da879c19-9088-418b-a63a-2e6fb294eaf0} - c:\program files\aadvantage eshoppingsm toolbar\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
{19b9cd57-3043-442f-8dff-f9924af056bd}
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AAdvantage eShoppingSM Toolbar BHO: {5712a6bb-b6c8-4e52-a152-1ba741c9a6a2} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
BHO: {cb123249-5059-40db-a51c-728222fccd8e} - No File
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
{fc8c94fa-2bdd-4395-b59d-df429a34eb85}
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
TB: AAdvantage eShoppingSM Toolbar: {85741f1d-ed47-4dcf-9109-07d10213c4d0} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [searchEngineProtection] c:\program files\gamesbar\SearchEngineProtection.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11c_ActiveX.exe -update activex
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [soundMan] SOUNDMAN.EXE
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [eFax 4.2] "c:\program files\efax messenger 4.2\J2GDllCmd.exe" /R
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: americanexpress.com\www
Trusted Zone: associatedbank.com\www
Trusted Zone: boxtops4education.com\www
Trusted Zone: linksynergy.com
Trusted Zone: pogo.com\www
Trusted Zone: state.wi.us\wiscjobs
Trusted Zone: turbotax.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - hxxp://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxps://www.microsoft.com/resources/virtuallabs/ActiveX/VMRCActiveXClient1.cab
DPF: {93EFDAB8-8800-4896-B428-76F943140E1B} - hxxp://www.consumerinput.com.edgesuite.net/panel/maple/dcainst.cab
DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{8BA4481C-D190-47CA-A479-1DF41738DB49} : DhcpNameServer = 10.0.0.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: gdiwxp - gdiwxp.dll
Notify: pmnOEurp - pmnOEurp.dll
STS: {db763ed8-100a-481b-8913-50a2f41dcdc3}: exegeses
{19b9cd57-3043-442f-8dff-f9924af056bd}
LSA: Authentication Packages = msv1_0 nwprovau c:\windows\system32\ddcBQijK
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-6-17 20744]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R1 MpKsl4d39c53c;MpKsl4d39c53c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\mpksl4d39c53c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl4d39c53c.sys [?]
R1 MpKslabd28ac4;MpKslabd28ac4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\mpkslabd28ac4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKslabd28ac4.sys [?]
R1 MpKsld1bff95c;MpKsld1bff95c;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8be61cd4-9022-4c23-b143-ca4b1a92242b}\MpKsld1bff95c.sys [2011-11-27 28752]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-5 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-5 22216]
S1 gdiw2k;GDI kernel srvc; [x]
S1 hoiqslbv;hoiqslbv;\??\c:\windows\system32\drivers\hoiqslbv.sys --> c:\windows\system32\drivers\hoiqslbv.sys [?]
S1 MpKsl1053e1c2;MpKsl1053e1c2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\mpksl1053e1c2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\MpKsl1053e1c2.sys [?]
S1 MpKsl128603ce;MpKsl128603ce;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\mpksl128603ce.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\MpKsl128603ce.sys [?]
S1 MpKsl18edb515;MpKsl18edb515;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl18edb515.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl18edb515.sys [?]
S1 MpKsl193d2b14;MpKsl193d2b14;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\mpksl193d2b14.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\MpKsl193d2b14.sys [?]
S1 MpKsl1ba45776;MpKsl1ba45776;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\mpksl1ba45776.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\MpKsl1ba45776.sys [?]
S1 MpKsl1c44341c;MpKsl1c44341c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\mpksl1c44341c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\MpKsl1c44341c.sys [?]
S1 MpKsl1e518544;MpKsl1e518544;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\mpksl1e518544.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\MpKsl1e518544.sys [?]
S1 MpKsl225d22a0;MpKsl225d22a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl225d22a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl225d22a0.sys [?]
S1 MpKsl26734daa;MpKsl26734daa;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\mpksl26734daa.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\MpKsl26734daa.sys [?]
S1 MpKsl27dfd542;MpKsl27dfd542;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\mpksl27dfd542.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\MpKsl27dfd542.sys [?]
S1 MpKsl2aa06fd3;MpKsl2aa06fd3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\mpksl2aa06fd3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\MpKsl2aa06fd3.sys [?]
S1 MpKsl395783ad;MpKsl395783ad;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\mpksl395783ad.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\MpKsl395783ad.sys [?]
S1 MpKsl461ab117;MpKsl461ab117;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl461ab117.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl461ab117.sys [?]
S1 MpKsl568fd414;MpKsl568fd414;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\mpksl568fd414.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\MpKsl568fd414.sys [?]
S1 MpKsl68117935;MpKsl68117935;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\mpksl68117935.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\MpKsl68117935.sys [?]
S1 MpKsl6dc75969;MpKsl6dc75969;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\mpksl6dc75969.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\MpKsl6dc75969.sys [?]
S1 MpKsl8804e3c8;MpKsl8804e3c8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\mpksl8804e3c8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\MpKsl8804e3c8.sys [?]
S1 MpKsl8e5aeb5b;MpKsl8e5aeb5b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl8e5aeb5b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl8e5aeb5b.sys [?]
S1 MpKsl91b90cc1;MpKsl91b90cc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpksl91b90cc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKsl91b90cc1.sys [?]
S1 MpKsl9c78c2b4;MpKsl9c78c2b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\mpksl9c78c2b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\MpKsl9c78c2b4.sys [?]
S1 MpKsl9d14898e;MpKsl9d14898e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\mpksl9d14898e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\MpKsl9d14898e.sys [?]
S1 MpKsl9d44a0f9;MpKsl9d44a0f9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl9d44a0f9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl9d44a0f9.sys [?]
S1 MpKsla1335bc1;MpKsla1335bc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla1335bc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla1335bc1.sys [?]
S1 MpKsla9238964;MpKsla9238964;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla9238964.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla9238964.sys [?]
S1 MpKslad7d60bc;MpKslad7d60bc;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\mpkslad7d60bc.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\MpKslad7d60bc.sys [?]
S1 MpKslb1b803d0;MpKslb1b803d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\mpkslb1b803d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\MpKslb1b803d0.sys [?]
S1 MpKslb320f895;MpKslb320f895;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\mpkslb320f895.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\MpKslb320f895.sys [?]
S1 MpKslb907d62f;MpKslb907d62f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\mpkslb907d62f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\MpKslb907d62f.sys [?]
S1 MpKslbc933e7f;MpKslbc933e7f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\mpkslbc933e7f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\MpKslbc933e7f.sys [?]
S1 MpKslbe40c4b0;MpKslbe40c4b0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpkslbe40c4b0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKslbe40c4b0.sys [?]
S1 MpKslcb5a29e0;MpKslcb5a29e0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\mpkslcb5a29e0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\MpKslcb5a29e0.sys [?]
S1 MpKsld616c37b;MpKsld616c37b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\mpksld616c37b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\MpKsld616c37b.sys [?]
S1 MpKsld7ca0242;MpKsld7ca0242;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\mpksld7ca0242.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\MpKsld7ca0242.sys [?]
S1 MpKsld99e6c53;MpKsld99e6c53;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\mpksld99e6c53.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\MpKsld99e6c53.sys [?]
S1 MpKsle3de4626;MpKsle3de4626;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\mpksle3de4626.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\MpKsle3de4626.sys [?]
S1 MpKslf22068e3;MpKslf22068e3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\mpkslf22068e3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\MpKslf22068e3.sys [?]
S1 MpKslf8f79d2e;MpKslf8f79d2e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\mpkslf8f79d2e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\MpKslf8f79d2e.sys [?]
S1 MpKslfbe4fd56;MpKslfbe4fd56;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpkslfbe4fd56.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKslfbe4fd56.sys [?]
S1 pifcwnbm;pifcwnbm;\??\c:\windows\system32\drivers\pifcwnbm.sys --> c:\windows\system32\drivers\pifcwnbm.sys [?]
S1 zabslmsf;zabslmsf;\??\c:\windows\system32\drivers\zabslmsf.sys --> c:\windows\system32\drivers\zabslmsf.sys [?]
S1 zvuueeds;zvuueeds;\??\c:\windows\system32\drivers\zvuueeds.sys --> c:\windows\system32\drivers\zvuueeds.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-6-17 29192]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 25480]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2010-10-10 50704]
.
=============== Created Last 30 ================
.
2011-11-27 07:46:19 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8be61cd4-9022-4c23-b143-ca4b1a92242b}\MpKsld1bff95c.sys
2011-11-27 07:45:56 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8be61cd4-9022-4c23-b143-ca4b1a92242b}\offreg.dll
2011-11-27 07:45:48 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8be61cd4-9022-4c23-b143-ca4b1a92242b}\mpengine.dll
2011-11-11 01:46:01 575520 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\nss\0306000.01F
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\NSS
2011-11-10 06:18:29 -------- d-----w- c:\program files\Norton Security Scan
2011-11-10 06:18:29 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-11-10 06:18:25 -------- d-----w- c:\program files\NortonInstaller
2011-11-10 06:18:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-11-10 04:17:51 -------- d-----w- c:\windows\system32\Adobe
2011-11-07 22:03:27 -------- d-----w- c:\documents and settings\owner\local settings\application data\Yahoo!
2011-11-05 22:39:03 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2011-11-05 21:34:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-05 21:34:17 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 21:34:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2011-10-15 02:38:39 499712 ---ha-w- c:\windows\system32\msvcp71.dll
2011-09-26 16:41:20 611328 ---ha-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 ---ha-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 ---ha-w- c:\windows\system32\oleaccrc.dll
2011-09-17 22:09:59 404640 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12:13 599040 ---ha-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ---ha-w- c:\windows\system32\win32k.sys
2008-05-26 02:27:53 262144 ----a-w- c:\program files\Uninstall Ask Toolbar.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The maximum number of secrets that may be stored in a single system has been exceeded.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe >>UNKNOWN [0x856EA8E3]<< >>UNKNOWN [0xF551C466]<<
_asm { JMP 0x6fe31b83; }
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8573AAB8]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5f; }
user != kernel MBR !!!
.
============= FINISH: 14:14:43.04 ===============
Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/3/2005 5:29:29 PM
System Uptime: 11/17/2011 7:53:52 PM (235 hours ago)
.
Motherboard: MICRO-STAR | | MS-7145
Processor: AMD Athlon 64 Processor 3400+ | Socket 754 | 2393/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 182 GiB total, 122.722 GiB free.
D: is Removable
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: ATI RADEON Xpress 200 Series
Device ID: PCI\VEN_1002&DEV_5954&SUBSYS_71411462&REV_00\4&D623FAE&0&2808
Manufacturer: ATI Technologies Inc.
Name: ATI RADEON Xpress 200 Series
PNP Device ID: PCI\VEN_1002&DEV_5954&SUBSYS_71411462&REV_00\4&D623FAE&0&2808
Service: ati2mtag
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
AAdvantage eShoppingSM Toolbar
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 7.0.9
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Ask Toolbar
ATI - Software Uninstall Utility
ATI Display Driver
Bonjour
CCScore
Charting Companion for Family Tree Maker
Compatibility Pack for the 2007 Office system
Digital Media Reader
DirectX Media Runtime 5.1
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
eVoice Player 1.0
Family Tree Maker 2006
fflink
GamesBar 2.0.1.67
GdiplusUpgrade
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Update
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 9
Java 6 Update 2
Java SE Runtime Environment 6 Update 1
kgcbaby
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft MSDN 2005 Express Edition - ENU
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Picture It! Premium 10
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual Web Developer 2005 Express Edition - ENU
Microsoft Visual Web Developer 2005 Express Edition - ENU Service Pack 1 (KB926751)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Move Media Player
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Multimedia Keyboard Driver
Napster Burn Engine
Nero BurnRights
Nero OEM
netbrdg
Nokia Connectivity Cable Driver
Norton Security Scan
OfotoXMI
PC Connectivity Solution
Photosmart 140,240,7200,7600,7700,7900 Series
PS7200
PSShortcutsP
PSUsage
QFolder
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
RealUpgrade 1.1
Recovery Software Suite eMachines
Reporting Add-In for Microsoft Visual Web Developer 2005 Express
RuneScape Launcher 1.0.4
Savings Bond Wizard
Secure Game Player
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SFR
SHASTA
skin0001
SKINXSDK
SoftV92 Data Fax Modem with SmartCP
Sonic Encoders
staticcr
swMSM
The Poppit! Show
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Viewpoint Media Player
VPRINTOL
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WIRELESS
Works Upgrade
World of Warcraft
Yahoo! Browser Services
Yahoo! BrowserPlus 2.9.8
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================
TDSSKiller
14:18:05.0217 6040 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
14:18:05.0498 6040 ============================================================
14:18:05.0498 6040 Current date / time: 2011/11/27 14:18:05.0498
14:18:05.0498 6040 SystemInfo:
14:18:05.0498 6040
14:18:05.0498 6040 OS Version: 5.1.2600 ServicePack: 3.0
14:18:05.0498 6040 Product type: Workstation
14:18:05.0498 6040 ComputerName: EMACHINE
14:18:05.0498 6040 UserName: Owner
14:18:05.0498 6040 Windows directory: C:\WINDOWS
14:18:05.0498 6040 System windows directory: C:\WINDOWS
14:18:05.0498 6040 Processor architecture: Intel x86
14:18:05.0498 6040 Number of processors: 1
14:18:05.0498 6040 Page size: 0x1000
14:18:05.0498 6040 Boot type: Normal boot
14:18:05.0498 6040 ============================================================
14:18:06.0842 6040 Initialize success
14:18:11.0998 9036 ============================================================
14:18:11.0998 9036 Scan started
14:18:11.0998 9036 Mode: Manual;
14:18:11.0998 9036 ============================================================
14:18:13.0108 9036 Abiosdsk - ok
14:18:13.0436 9036 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:18:13.0436 9036 abp480n5 - ok
14:18:13.0795 9036 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:18:13.0811 9036 ACPI - ok
14:18:14.0139 9036 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:18:14.0139 9036 ACPIEC - ok
14:18:14.0436 9036 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:18:14.0436 9036 adpu160m - ok
14:18:14.0795 9036 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:18:14.0795 9036 aec - ok
14:18:15.0139 9036 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:18:15.0139 9036 AFD - ok
14:18:15.0483 9036 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:18:15.0483 9036 agp440 - ok
14:18:15.0827 9036 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:18:15.0827 9036 agpCPQ - ok
14:18:16.0139 9036 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:18:16.0139 9036 Aha154x - ok
14:18:16.0452 9036 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:18:16.0452 9036 aic78u2 - ok
14:18:16.0811 9036 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:18:16.0811 9036 aic78xx - ok
14:18:17.0280 9036 ALCXWDM (95aa37bec6c72c277c2caeaee736dd2d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
14:18:17.0389 9036 ALCXWDM - ok
14:18:17.0733 9036 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
14:18:17.0733 9036 AliIde - ok
14:18:18.0077 9036 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:18:18.0077 9036 alim1541 - ok
14:18:18.0420 9036 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:18:18.0420 9036 amdagp - ok
14:18:18.0780 9036 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
14:18:18.0780 9036 amsint - ok
14:18:19.0155 9036 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:18:19.0155 9036 Arp1394 - ok
14:18:19.0452 9036 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
14:18:19.0452 9036 asc - ok
14:18:19.0795 9036 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:18:19.0795 9036 asc3350p - ok
14:18:20.0092 9036 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:18:20.0108 9036 asc3550 - ok
14:18:20.0483 9036 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:18:20.0483 9036 AsyncMac - ok
14:18:20.0842 9036 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:18:20.0842 9036 atapi - ok
14:18:21.0155 9036 Atdisk - ok
14:18:21.0545 9036 ati2mtag (8759322ffc1a50569c1e5528ee8026b7) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:18:21.0561 9036 ati2mtag - ok
14:18:21.0920 9036 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:18:21.0920 9036 Atmarpc - ok
14:18:22.0264 9036 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:18:22.0264 9036 audstub - ok
14:18:22.0686 9036 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:18:22.0686 9036 Beep - ok
14:18:22.0998 9036 BT - ok
14:18:23.0311 9036 Btcsrusb - ok
14:18:23.0655 9036 BtHidBus (ac2e61482a57ea50730f8c2679f37040) C:\WINDOWS\system32\Drivers\BtHidBus.sys
14:18:23.0655 9036 BtHidBus - ok
14:18:23.0983 9036 btnetBUs (6783c5c81bfb640469468a80dfa1ccb3) C:\WINDOWS\system32\Drivers\btnetBus.sys
14:18:23.0983 9036 btnetBUs - ok
14:18:24.0327 9036 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
14:18:24.0327 9036 BVRPMPR5 - ok
14:18:24.0623 9036 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:18:24.0623 9036 cbidf - ok
14:18:24.0936 9036 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:18:24.0936 9036 cbidf2k - ok
14:18:25.0248 9036 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:18:25.0248 9036 cd20xrnt - ok
14:18:25.0592 9036 CdaD10BA (841cefab8228ee691705d059e7f21c47) C:\WINDOWS\system32\drivers\CdaD10BA.SYS
14:18:25.0608 9036 CdaD10BA - ok
14:18:25.0920 9036 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:18:25.0920 9036 Cdaudio - ok
14:18:26.0264 9036 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:18:26.0264 9036 Cdfs - ok
14:18:26.0592 9036 Cdr4_xp (837eef65af62d4e8a37c41d3879f7274) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
14:18:26.0592 9036 Cdr4_xp - ok
14:18:26.0936 9036 Cdralw2k (579da2f9f5401f55dae2cf8779d61dfc) C:\WINDOWS\system32\drivers\Cdralw2k.sys
14:18:26.0936 9036 Cdralw2k - ok
14:18:27.0233 9036 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:18:27.0233 9036 Cdrom - ok
14:18:27.0561 9036 Changer - ok
14:18:27.0920 9036 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:18:27.0920 9036 CmdIde - ok
14:18:28.0295 9036 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:18:28.0295 9036 Cpqarray - ok
14:18:28.0655 9036 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:18:28.0670 9036 dac2w2k - ok
14:18:29.0030 9036 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:18:29.0030 9036 dac960nt - ok
14:18:29.0405 9036 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:18:29.0405 9036 Disk - ok
14:18:29.0780 9036 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:18:29.0795 9036 dmboot - ok
14:18:30.0155 9036 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:18:30.0170 9036 dmio - ok
14:18:30.0514 9036 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:18:30.0514 9036 dmload - ok
14:18:30.0873 9036 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:18:30.0873 9036 DMusic - ok
14:18:31.0248 9036 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
14:18:31.0248 9036 dot4 - ok
14:18:31.0608 9036 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
14:18:31.0608 9036 Dot4Print - ok
14:18:31.0936 9036 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
14:18:31.0936 9036 Dot4Scan - ok
14:18:32.0358 9036 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
14:18:32.0420 9036 dot4usb - ok
14:18:33.0170 9036 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:18:33.0170 9036 dpti2o - ok
14:18:33.0514 9036 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:18:33.0514 9036 drmkaud - ok
14:18:33.0920 9036 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:18:33.0936 9036 Fastfat - ok
14:18:34.0280 9036 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:18:34.0280 9036 Fdc - ok
14:18:34.0623 9036 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:18:34.0623 9036 Fips - ok
14:18:34.0983 9036 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:18:34.0983 9036 Flpydisk - ok
14:18:35.0342 9036 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:18:35.0342 9036 FltMgr - ok
14:18:35.0686 9036 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:18:35.0686 9036 Fs_Rec - ok
14:18:36.0045 9036 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:18:36.0045 9036 Ftdisk - ok
14:18:36.0405 9036 gdiw2k - ok
14:18:36.0795 9036 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
14:18:36.0795 9036 GEARAspiWDM - ok
14:18:37.0139 9036 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:18:37.0139 9036 Gpc - ok
14:18:37.0483 9036 hoiqslbv - ok
14:18:37.0889 9036 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
14:18:37.0889 9036 hpn - ok
14:18:38.0248 9036 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
14:18:38.0264 9036 HPZid412 - ok
14:18:38.0608 9036 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
14:18:38.0608 9036 HPZipr12 - ok
14:18:38.0967 9036 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
14:18:38.0967 9036 HPZius12 - ok
14:18:39.0327 9036 HSFHWBS2 (33dfc0afa95f9a2c753ff2adb7d4a21f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
14:18:39.0327 9036 HSFHWBS2 - ok
14:18:39.0717 9036 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
14:18:39.0748 9036 HSF_DP - ok
14:18:40.0092 9036 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:18:40.0108 9036 HTTP - ok
14:18:40.0436 9036 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
14:18:40.0436 9036 i2omgmt - ok
14:18:40.0795 9036 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:18:40.0795 9036 i2omp - ok
14:18:41.0155 9036 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:18:41.0155 9036 i8042prt - ok
14:18:41.0530 9036 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:18:41.0530 9036 Imapi - ok
14:18:41.0920 9036 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:18:41.0920 9036 ini910u - ok
14:18:42.0280 9036 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:18:42.0280 9036 IntelIde - ok
14:18:42.0655 9036 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:18:42.0655 9036 Ip6Fw - ok
14:18:43.0014 9036 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:18:43.0014 9036 IpFilterDriver - ok
14:18:43.0358 9036 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:18:43.0358 9036 IpInIp - ok
14:18:43.0717 9036 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:18:43.0717 9036 IpNat - ok
14:18:44.0077 9036 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:18:44.0077 9036 IPSec - ok
14:18:44.0420 9036 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:18:44.0420 9036 IRENUM - ok
14:18:44.0795 9036 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:18:44.0795 9036 isapnp - ok
14:18:45.0139 9036 IvtBtBUs (01cbb39001afda1152f3fce15ab646ea) C:\WINDOWS\system32\Drivers\IvtBtBus.sys
14:18:45.0139 9036 IvtBtBUs - ok
14:18:45.0467 9036 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:18:45.0483 9036 Kbdclass - ok
14:18:45.0842 9036 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:18:45.0842 9036 kmixer - ok
14:18:46.0186 9036 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:18:46.0186 9036 KSecDD - ok
14:18:46.0483 9036 lbrtfdc - ok
14:18:46.0842 9036 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
14:18:46.0842 9036 MBAMProtector - ok
14:18:47.0139 9036 MBAMSwissArmy - ok
14:18:47.0498 9036 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
14:18:47.0498 9036 mdmxsdk - ok
14:18:47.0889 9036 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
14:18:47.0889 9036 MHNDRV - ok
14:18:48.0233 9036 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:18:48.0248 9036 mnmdd - ok
14:18:48.0608 9036 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:18:48.0608 9036 Modem - ok
14:18:48.0967 9036 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
14:18:48.0967 9036 motmodem - ok
14:18:49.0295 9036 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:18:49.0295 9036 Mouclass - ok
14:18:49.0655 9036 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:18:49.0655 9036 MountMgr - ok
14:18:49.0998 9036 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:18:50.0014 9036 MpFilter - ok
14:18:50.0139 9036 MpKsl1053e1c2 - ok
14:18:50.0155 9036 MpKsl128603ce - ok
14:18:50.0170 9036 MpKsl18edb515 - ok
14:18:50.0186 9036 MpKsl193d2b14 - ok
14:18:50.0202 9036 MpKsl1ba45776 - ok
14:18:50.0217 9036 MpKsl1c44341c - ok
14:18:50.0233 9036 MpKsl1e518544 - ok
14:18:50.0248 9036 MpKsl225d22a0 - ok
14:18:50.0264 9036 MpKsl26734daa - ok
14:18:50.0280 9036 MpKsl27dfd542 - ok
14:18:50.0295 9036 MpKsl2aa06fd3 - ok
14:18:50.0311 9036 MpKsl395783ad - ok
14:18:50.0327 9036 MpKsl461ab117 - ok
14:18:50.0358 9036 MpKsl4d39c53c - ok
14:18:50.0373 9036 MpKsl568fd414 - ok
14:18:50.0389 9036 MpKsl68117935 - ok
14:18:50.0405 9036 MpKsl6dc75969 - ok
14:18:50.0420 9036 MpKsl8804e3c8 - ok
14:18:50.0436 9036 MpKsl8e5aeb5b - ok
14:18:50.0452 9036 MpKsl91b90cc1 - ok
14:18:50.0467 9036 MpKsl9c78c2b4 - ok
14:18:50.0483 9036 MpKsl9d14898e - ok
14:19:26.0452 9036 Suspicious service (Hidden): UACd.sys
14:19:26.0764 9036 UACd.sys (ffd7cfafe1ffdc032087a7a6636b99a2) C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys
14:19:26.0764 9036 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
14:19:26.0780 9036 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
14:19:26.0780 9036 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - infected
14:19:26.0780 9036 UACd.sys - detected Rootkit.Win32.TDSS.tdl2 (0)
14:19:36.0248 9036 MBR (0x1B8) (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
14:19:36.0248 9036 \Device\Harddisk0\DR0 - ok
14:19:36.0280 9036 Boot (0x1200) (4d98067400fe9c2200a8bda154034897) \Device\Harddisk0\DR0\Partition0
14:19:36.0280 9036 \Device\Harddisk0\DR0\Partition0 - ok
14:19:36.0280 9036 ============================================================
14:19:36.0280 9036 Scan finished
14:19:36.0280 9036 ============================================================
14:19:36.0311 8748 Detected object count: 1
14:19:36.0311 8748 Actual detected object count: 1
14:19:48.0592 8748 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - skipped by user
14:19:48.0592 8748 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - User select action: Skip
-
I could not find that file to delete. I ran the next steps anyway. The fixme.reg worked, but the ComboFix still would not run.
-
I did exactly what you instructed, but nothing happened.
-
I get the option to Run as current user, or Administrator. I tried both, but neither one works.
-
Nothing happens when I double-click on ComboFix.exe. It has been saved to the Desktop.
-
Yes, we are still working on this. I will have the results posted later today. Thanks.
-
Also, my browser, Internet Explorer, keeps dropping.
-
Sorry, I missed the line that said to skip. Here is the log file.
09:22:46.0526 19928 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
09:22:46.0995 19928 ============================================================
09:22:46.0995 19928 Current date / time: 2011/11/20 09:22:46.0995
09:22:46.0995 19928 SystemInfo:
09:22:46.0995 19928
09:22:46.0995 19928 OS Version: 5.1.2600 ServicePack: 3.0
09:22:46.0995 19928 Product type: Workstation
09:22:46.0995 19928 ComputerName: EMACHINE
09:22:46.0995 19928 UserName: Owner
09:22:46.0995 19928 Windows directory: C:\WINDOWS
09:22:46.0995 19928 System windows directory: C:\WINDOWS
09:22:46.0995 19928 Processor architecture: Intel x86
09:22:46.0995 19928 Number of processors: 1
09:22:46.0995 19928 Page size: 0x1000
09:22:46.0995 19928 Boot type: Normal boot
09:22:46.0995 19928 ============================================================
09:22:48.0808 19928 Initialize success
09:22:57.0901 15668 ============================================================
09:22:57.0901 15668 Scan started
09:22:57.0901 15668 Mode: Manual;
09:22:57.0901 15668 ============================================================
09:23:42.0289 15668 NetBIOS - ok
09:23:42.0649 15668 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:23:42.0649 15668 NetBT - ok
09:23:43.0055 15668 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:23:43.0055 15668 NIC1394 - ok
09:23:43.0414 15668 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
09:23:43.0414 15668 nm - ok
09:23:43.0774 15668 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
09:23:43.0774 15668 NPF - ok
09:23:44.0117 15668 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:23:44.0117 15668 Npfs - ok
09:23:44.0508 15668 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:23:44.0523 15668 Ntfs - ok
09:23:44.0898 15668 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:23:44.0898 15668 Null - ok
09:23:45.0289 15668 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:23:45.0352 15668 nv - ok
09:23:45.0695 15668 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:23:45.0695 15668 NwlnkFlt - ok
09:23:46.0023 15668 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:23:46.0023 15668 NwlnkFwd - ok
09:23:46.0367 15668 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
09:23:46.0367 15668 NwlnkIpx - ok
09:23:46.0726 15668 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
09:23:46.0726 15668 NwlnkNb - ok
09:23:47.0086 15668 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
09:23:47.0086 15668 NwlnkSpx - ok
09:23:47.0430 15668 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
09:23:47.0430 15668 NWRDR - ok
09:23:47.0805 15668 odysseyIM3 (dd03bdd1459d1966ee640f63221c175a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
09:23:47.0805 15668 odysseyIM3 - ok
09:23:48.0133 15668 ohci1394 (8b61e22e07eeb703e2168fbfe1073545) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:23:48.0148 15668 ohci1394 - ok
09:23:48.0492 15668 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
09:23:48.0492 15668 P3 - ok
09:23:48.0836 15668 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:23:48.0836 15668 Parport - ok
09:23:49.0273 15668 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:23:49.0273 15668 PartMgr - ok
09:23:49.0633 15668 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:23:49.0633 15668 ParVdm - ok
09:23:49.0976 15668 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:23:49.0976 15668 pccsmcfd - ok
09:23:50.0320 15668 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:23:50.0320 15668 PCI - ok
09:23:50.0648 15668 PCIDump - ok
09:23:51.0008 15668 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:23:51.0008 15668 PCIIde - ok
09:23:51.0351 15668 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:23:51.0351 15668 Pcmcia - ok
09:23:51.0632 15668 PDCOMP - ok
09:23:51.0945 15668 PDFRAME - ok
09:23:52.0257 15668 PDRELI - ok
09:23:52.0570 15668 PDRFRAME - ok
09:23:52.0929 15668 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:23:52.0929 15668 perc2 - ok
09:23:53.0289 15668 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:23:53.0289 15668 perc2hib - ok
09:23:53.0664 15668 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
09:23:53.0664 15668 pfc - ok
09:23:53.0960 15668 pifcwnbm - ok
09:23:54.0320 15668 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:23:54.0335 15668 PptpMiniport - ok
09:23:54.0695 15668 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
09:23:54.0695 15668 Processor - ok
09:23:55.0054 15668 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:23:55.0054 15668 PSched - ok
09:23:55.0429 15668 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:23:55.0429 15668 Ptilink - ok
09:23:55.0773 15668 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:23:55.0773 15668 PxHelp20 - ok
09:23:56.0117 15668 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:23:56.0117 15668 ql1080 - ok
09:23:56.0476 15668 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:23:56.0476 15668 Ql10wnt - ok
09:23:56.0820 15668 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:23:56.0820 15668 ql12160 - ok
09:23:57.0179 15668 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:23:57.0179 15668 ql1240 - ok
09:23:57.0523 15668 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:23:57.0538 15668 ql1280 - ok
09:23:57.0898 15668 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:23:57.0898 15668 RasAcd - ok
09:23:58.0257 15668 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:23:58.0257 15668 Rasl2tp - ok
09:23:58.0601 15668 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:23:58.0601 15668 RasPppoe - ok
09:23:58.0960 15668 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:23:58.0976 15668 Raspti - ok
09:23:59.0366 15668 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:23:59.0366 15668 Rdbss - ok
09:23:59.0726 15668 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:23:59.0726 15668 RDPCDD - ok
09:24:00.0085 15668 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:24:00.0085 15668 rdpdr - ok
09:24:00.0476 15668 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
09:24:00.0476 15668 RDPWD - ok
09:24:00.0820 15668 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:24:00.0820 15668 redbook - ok
09:24:01.0163 15668 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
09:24:01.0163 15668 RimUsb - ok
09:24:01.0507 15668 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
09:24:01.0507 15668 ROOTMODEM - ok
09:24:01.0851 15668 RT73 (bf4709c002d632170dc15a282813d6b3) C:\WINDOWS\system32\DRIVERS\rt73.sys
09:24:01.0851 15668 RT73 - ok
09:24:02.0210 15668 RTL8023xp (e9877aa069dc11b03dbd1d33b8b2a3ca) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
09:24:02.0210 15668 RTL8023xp - ok
09:24:02.0585 15668 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:24:02.0585 15668 Secdrv - ok
09:24:02.0944 15668 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
09:24:02.0944 15668 Serial - ok
09:24:03.0351 15668 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:24:03.0351 15668 Sfloppy - ok
09:24:03.0663 15668 Simbad - ok
09:24:04.0022 15668 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:24:04.0022 15668 sisagp - ok
09:24:04.0397 15668 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:24:04.0397 15668 Sparrow - ok
09:24:04.0757 15668 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:24:04.0757 15668 splitter - ok
09:24:05.0101 15668 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:24:05.0116 15668 sr - ok
09:24:05.0507 15668 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:24:05.0522 15668 Srv - ok
09:24:05.0882 15668 SunkFilt (86ca1a5c15a5a98d5533945fb1120b05) C:\WINDOWS\System32\Drivers\sunkfilt.sys
09:24:05.0882 15668 SunkFilt - ok
09:24:06.0225 15668 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:24:06.0225 15668 swenum - ok
09:24:06.0585 15668 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:24:06.0585 15668 swmidi - ok
09:24:06.0913 15668 SWMX00 - ok
09:24:07.0210 15668 SWNC5E00 - ok
09:24:07.0569 15668 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:24:07.0569 15668 symc810 - ok
09:24:07.0913 15668 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:24:07.0913 15668 symc8xx - ok
09:24:08.0272 15668 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:24:08.0272 15668 sym_hi - ok
09:24:08.0632 15668 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:24:08.0632 15668 sym_u3 - ok
09:24:08.0960 15668 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:24:08.0975 15668 sysaudio - ok
09:24:09.0350 15668 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:24:09.0366 15668 Tcpip - ok
09:24:09.0710 15668 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
09:24:09.0710 15668 Tcpip6 - ok
09:24:10.0038 15668 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:24:10.0038 15668 TDPIPE - ok
09:24:10.0366 15668 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:24:10.0366 15668 TDTCP - ok
09:24:10.0741 15668 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:24:10.0741 15668 TermDD - ok
09:24:11.0100 15668 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:24:11.0100 15668 TosIde - ok
09:24:11.0475 15668 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
09:24:11.0475 15668 tunmp - ok
09:24:11.0491 15668 Suspicious service (Hidden): UACd.sys
09:24:11.0803 15668 UACd.sys (ffd7cfafe1ffdc032087a7a6636b99a2) C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys
09:24:11.0803 15668 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
09:24:11.0803 15668 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
09:24:11.0803 15668 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - infected
09:24:11.0803 15668 UACd.sys - detected Rootkit.Win32.TDSS.tdl2 (0)
09:24:21.0037 15668 MBR (0x1B8) (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
09:24:21.0053 15668 \Device\Harddisk0\DR0 - ok
09:24:21.0084 15668 Boot (0x1200) (4d98067400fe9c2200a8bda154034897) \Device\Harddisk0\DR0\Partition0
09:24:21.0084 15668 \Device\Harddisk0\DR0\Partition0 - ok
09:24:21.0084 15668 ============================================================
09:24:21.0084 15668 Scan finished
09:24:21.0084 15668 ============================================================
09:24:21.0115 7512 Detected object count: 1
09:24:21.0115 7512 Actual detected object count: 1
09:25:17.0316 7512 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - skipped by user
09:25:17.0316 7512 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - User select action: Skip
09:26:33.0530 12964 ============================================================
09:26:33.0530 12964 Scan started
09:26:33.0530 12964 Mode: Manual;
09:26:33.0530 12964 ============================================================
09:26:52.0592 12964 Scan interrupted by user!
09:26:52.0592 12964 Scan interrupted by user!
09:26:52.0592 12964 Scan interrupted by user!
09:26:52.0592 12964 ============================================================
09:26:52.0592 12964 Scan finished
09:26:52.0592 12964 ============================================================
09:26:52.0608 10016 Detected object count: 0
09:26:52.0608 10016 Actual detected object count: 0
09:26:59.0935 4724 ============================================================
09:26:59.0935 4724 Scan started
09:26:59.0935 4724 Mode: Manual;
09:26:59.0935 4724 ============================================================
09:27:28.0465 4724 IntelIde - ok
09:27:28.0824 4724 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:27:28.0824 4724 Ip6Fw - ok
09:27:29.0168 4724 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:27:29.0168 4724 IpFilterDriver - ok
09:27:29.0528 4724 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:27:29.0528 4724 IpInIp - ok
09:27:29.0871 4724 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:27:29.0887 4724 IpNat - ok
09:27:30.0246 4724 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:27:30.0246 4724 IPSec - ok
09:27:30.0590 4724 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:27:30.0590 4724 IRENUM - ok
09:27:30.0965 4724 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:27:30.0965 4724 isapnp - ok
09:27:31.0340 4724 IvtBtBUs (01cbb39001afda1152f3fce15ab646ea) C:\WINDOWS\system32\Drivers\IvtBtBus.sys
09:27:31.0340 4724 IvtBtBUs - ok
09:27:31.0668 4724 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:27:31.0668 4724 Kbdclass - ok
09:27:32.0027 4724 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:27:32.0027 4724 kmixer - ok
09:27:32.0371 4724 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:27:32.0371 4724 KSecDD - ok
09:27:32.0684 4724 lbrtfdc - ok
09:27:33.0043 4724 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
09:27:33.0043 4724 MBAMProtector - ok
09:27:33.0355 4724 MBAMSwissArmy - ok
09:27:33.0699 4724 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:27:33.0699 4724 mdmxsdk - ok
09:27:34.0059 4724 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
09:27:34.0059 4724 MHNDRV - ok
09:27:34.0418 4724 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:27:34.0418 4724 mnmdd - ok
09:27:34.0777 4724 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:27:34.0777 4724 Modem - ok
09:27:35.0121 4724 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
09:27:35.0121 4724 motmodem - ok
09:27:35.0465 4724 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:27:35.0465 4724 Mouclass - ok
09:27:35.0824 4724 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:27:35.0824 4724 MountMgr - ok
09:27:36.0152 4724 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
09:27:36.0152 4724 MpFilter - ok
09:27:36.0293 4724 MpKsl1053e1c2 - ok
09:27:36.0308 4724 MpKsl128603ce - ok
09:27:36.0324 4724 MpKsl18edb515 - ok
09:27:36.0340 4724 MpKsl193d2b14 - ok
09:27:36.0355 4724 MpKsl1ba45776 - ok
09:27:36.0371 4724 MpKsl1c44341c - ok
09:27:36.0387 4724 MpKsl1e518544 - ok
09:27:36.0402 4724 MpKsl225d22a0 - ok
09:27:36.0418 4724 MpKsl26734daa - ok
09:27:36.0433 4724 MpKsl27dfd542 - ok
09:27:36.0449 4724 MpKsl2aa06fd3 - ok
09:27:36.0465 4724 MpKsl395783ad - ok
09:27:36.0496 4724 MpKsl461ab117 - ok
09:27:36.0496 4724 MpKsl4d39c53c - ok
09:27:36.0512 4724 MpKsl568fd414 - ok
09:27:36.0527 4724 MpKsl68117935 - ok
09:27:36.0543 4724 MpKsl6dc75969 - ok
09:27:36.0590 4724 MpKsl7a65edff (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{23DAE217-F878-437E-8974-7462E982B2FC}\MpKsl7a65edff.sys
09:27:36.0590 4724 MpKsl7a65edff - ok
09:27:36.0605 4724 MpKsl8804e3c8 - ok
09:27:36.0621 4724 MpKsl8e5aeb5b - ok
09:27:36.0637 4724 MpKsl91b90cc1 - ok
09:27:36.0652 4724 MpKsl9c78c2b4 - ok
09:27:36.0668 4724 MpKsl9d14898e - ok
09:27:36.0683 4724 MpKsl9d44a0f9 - ok
09:27:36.0699 4724 MpKsla1335bc1 - ok
09:27:36.0715 4724 MpKsla9238964 - ok
09:27:36.0730 4724 MpKslabd28ac4 - ok
09:27:36.0746 4724 MpKslad7d60bc - ok
09:27:36.0762 4724 MpKslb1b803d0 - ok
09:27:36.0777 4724 MpKslb320f895 - ok
09:27:36.0793 4724 MpKslb907d62f - ok
09:27:36.0824 4724 MpKslbc933e7f - ok
09:27:36.0840 4724 MpKslbe40c4b0 - ok
09:27:36.0855 4724 MpKslcb5a29e0 - ok
09:27:36.0871 4724 MpKsld616c37b - ok
09:27:36.0887 4724 MpKsld7ca0242 - ok
09:27:36.0902 4724 MpKsld99e6c53 - ok
09:27:36.0918 4724 MpKsle3de4626 - ok
09:27:36.0933 4724 MpKslf22068e3 - ok
09:27:36.0949 4724 MpKslf8f79d2e - ok
09:27:36.0965 4724 MpKslfbe4fd56 - ok
09:27:37.0277 4724 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:27:37.0277 4724 mraid35x - ok
09:27:37.0637 4724 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:27:37.0637 4724 MRxDAV - ok
09:27:38.0215 4724 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:27:38.0230 4724 MRxSmb - ok
09:27:38.0621 4724 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:27:38.0621 4724 Msfs - ok
09:27:38.0965 4724 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:27:38.0965 4724 MSKSSRV - ok
09:27:39.0308 4724 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:27:39.0308 4724 MSPCLOCK - ok
09:27:39.0652 4724 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:27:39.0652 4724 MSPQM - ok
09:27:39.0996 4724 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:27:39.0996 4724 mssmbios - ok
09:27:40.0324 4724 MSW_USB (b648018aabe80d62a099e105f4164596) C:\WINDOWS\system32\DRIVERS\MN510-51.sys
09:27:40.0324 4724 MSW_USB - ok
09:27:40.0668 4724 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:27:40.0668 4724 Mup - ok
09:27:40.0996 4724 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys
09:27:41.0011 4724 mxnic - ok
09:27:41.0386 4724 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:27:41.0386 4724 NDIS - ok
09:27:41.0714 4724 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:27:41.0714 4724 NdisTapi - ok
09:27:42.0058 4724 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:27:42.0058 4724 Ndisuio - ok
09:27:42.0418 4724 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:27:42.0418 4724 NdisWan - ok
09:27:42.0761 4724 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:27:42.0761 4724 NDProxy - ok
09:27:43.0105 4724 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:27:43.0105 4724 NetBIOS - ok
09:27:43.0480 4724 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:27:43.0480 4724 NetBT - ok
09:27:43.0871 4724 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:27:43.0871 4724 NIC1394 - ok
09:27:44.0230 4724 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
09:27:44.0230 4724 nm - ok
09:27:44.0574 4724 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
09:27:44.0574 4724 NPF - ok
09:27:44.0902 4724 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:27:44.0902 4724 Npfs - ok
09:27:45.0277 4724 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:27:45.0277 4724 Ntfs - ok
09:27:45.0636 4724 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:27:45.0636 4724 Null - ok
09:27:46.0027 4724 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:27:46.0042 4724 nv - ok
09:27:46.0370 4724 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:27:46.0386 4724 NwlnkFlt - ok
09:27:46.0714 4724 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:27:46.0714 4724 NwlnkFwd - ok
09:27:47.0058 4724 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
09:27:47.0058 4724 NwlnkIpx - ok
09:27:47.0417 4724 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
09:27:47.0417 4724 NwlnkNb - ok
09:27:47.0777 4724 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
09:27:47.0777 4724 NwlnkSpx - ok
09:27:48.0136 4724 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
09:27:48.0136 4724 NWRDR - ok
09:27:48.0511 4724 odysseyIM3 (dd03bdd1459d1966ee640f63221c175a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
09:27:48.0511 4724 odysseyIM3 - ok
09:27:48.0855 4724 ohci1394 (8b61e22e07eeb703e2168fbfe1073545) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:27:48.0855 4724 ohci1394 - ok
09:27:49.0214 4724 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
09:27:49.0214 4724 P3 - ok
09:27:49.0558 4724 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:27:49.0558 4724 Parport - ok
09:27:49.0902 4724 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:27:49.0917 4724 PartMgr - ok
09:27:50.0261 4724 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:27:50.0277 4724 ParVdm - ok
09:27:50.0620 4724 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:27:50.0620 4724 pccsmcfd - ok
09:27:50.0964 4724 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:27:50.0964 4724 PCI - ok
09:27:51.0276 4724 PCIDump - ok
09:27:51.0636 4724 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:27:51.0636 4724 PCIIde - ok
09:27:51.0980 4724 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:27:51.0980 4724 Pcmcia - ok
09:27:52.0261 4724 PDCOMP - ok
09:27:52.0573 4724 PDFRAME - ok
09:27:52.0870 4724 PDRELI - ok
09:27:53.0183 4724 PDRFRAME - ok
09:27:53.0589 4724 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:27:53.0589 4724 perc2 - ok
09:27:53.0964 4724 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:27:53.0964 4724 perc2hib - ok
09:27:54.0339 4724 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
09:27:54.0339 4724 pfc - ok
09:27:54.0651 4724 pifcwnbm - ok
09:27:55.0011 4724 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:27:55.0011 4724 PptpMiniport - ok
09:27:55.0401 4724 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
09:27:55.0401 4724 Processor - ok
09:27:55.0745 4724 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:27:55.0745 4724 PSched - ok
09:27:56.0104 4724 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:27:56.0104 4724 Ptilink - ok
09:27:56.0448 4724 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:27:56.0448 4724 PxHelp20 - ok
09:27:56.0792 4724 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:27:56.0792 4724 ql1080 - ok
09:27:57.0151 4724 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:27:57.0151 4724 Ql10wnt - ok
09:27:57.0511 4724 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:27:57.0511 4724 ql12160 - ok
09:27:57.0854 4724 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:27:57.0854 4724 ql1240 - ok
09:27:58.0214 4724 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:27:58.0214 4724 ql1280 - ok
09:27:58.0573 4724 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:27:58.0573 4724 RasAcd - ok
09:27:58.0948 4724 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:27:58.0948 4724 Rasl2tp - ok
09:27:59.0323 4724 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:27:59.0323 4724 RasPppoe - ok
09:27:59.0667 4724 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:27:59.0667 4724 Raspti - ok
09:28:00.0026 4724 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:28:00.0026 4724 Rdbss - ok
09:28:00.0370 4724 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:28:00.0370 4724 RDPCDD - ok
09:28:00.0745 4724 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:28:00.0745 4724 rdpdr - ok
09:28:01.0104 4724 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
09:28:01.0104 4724 RDPWD - ok
09:28:01.0479 4724 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:28:01.0479 4724 redbook - ok
09:28:01.0885 4724 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
09:28:01.0885 4724 RimUsb - ok
09:28:02.0198 4724 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
09:28:02.0198 4724 ROOTMODEM - ok
09:28:02.0557 4724 RT73 (bf4709c002d632170dc15a282813d6b3) C:\WINDOWS\system32\DRIVERS\rt73.sys
09:28:02.0573 4724 RT73 - ok
09:28:02.0901 4724 RTL8023xp (e9877aa069dc11b03dbd1d33b8b2a3ca) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
09:28:02.0916 4724 RTL8023xp - ok
09:28:03.0323 4724 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:28:03.0323 4724 Secdrv - ok
09:28:03.0698 4724 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
09:28:03.0698 4724 Serial - ok
09:28:04.0073 4724 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:28:04.0073 4724 Sfloppy - ok
09:28:04.0385 4724 Simbad - ok
09:28:04.0745 4724 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:28:04.0745 4724 sisagp - ok
09:28:05.0104 4724 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:28:05.0104 4724 Sparrow - ok
09:28:05.0463 4724 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:28:05.0463 4724 splitter - ok
09:28:05.0823 4724 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:28:05.0823 4724 sr - ok
09:28:06.0182 4724 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:28:06.0182 4724 Srv - ok
09:28:06.0557 4724 SunkFilt (86ca1a5c15a5a98d5533945fb1120b05) C:\WINDOWS\System32\Drivers\sunkfilt.sys
09:28:06.0557 4724 SunkFilt - ok
09:28:06.0901 4724 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:28:06.0901 4724 swenum - ok
09:28:07.0244 4724 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:28:07.0244 4724 swmidi - ok
09:28:07.0541 4724 SWMX00 - ok
09:28:07.0838 4724 SWNC5E00 - ok
09:28:08.0197 4724 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:28:08.0197 4724 symc810 - ok
09:28:08.0541 4724 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:28:08.0541 4724 symc8xx - ok
09:28:08.0901 4724 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:28:08.0901 4724 sym_hi - ok
09:28:09.0244 4724 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:28:09.0244 4724 sym_u3 - ok
09:28:09.0604 4724 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:28:09.0604 4724 sysaudio - ok
09:28:09.0963 4724 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:28:09.0963 4724 Tcpip - ok
09:28:10.0307 4724 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
09:28:10.0307 4724 Tcpip6 - ok
09:28:10.0635 4724 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:28:10.0635 4724 TDPIPE - ok
09:28:10.0963 4724 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:28:10.0963 4724 TDTCP - ok
09:28:11.0322 4724 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:28:11.0322 4724 TermDD - ok
09:28:11.0744 4724 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:28:11.0744 4724 TosIde - ok
09:28:12.0104 4724 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
09:28:12.0104 4724 tunmp - ok
09:28:12.0104 4724 Suspicious service (Hidden): UACd.sys
09:28:12.0447 4724 UACd.sys (ffd7cfafe1ffdc032087a7a6636b99a2) C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys
09:28:12.0447 4724 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
09:28:12.0447 4724 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\UACyaacntahwdornkuhw.sys. md5: ffd7cfafe1ffdc032087a7a6636b99a2
09:28:12.0447 4724 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - infected
09:28:12.0447 4724 UACd.sys - detected Rootkit.Win32.TDSS.tdl2 (0)
09:28:21.0572 4724 ============================================================
09:28:21.0572 4724 Scan finished
09:28:21.0572 4724 ============================================================
09:28:21.0587 17072 Detected object count: 1
09:28:21.0587 17072 Actual detected object count: 1
13:44:36.0490 17072 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - skipped by user
13:44:36.0490 17072 UACd.sys ( Rootkit.Win32.TDSS.tdl2 ) - User select action: Skip
-
While running the TDSSKiller, it found a threat, Rootkit.Win32.TDSS.tdl2, but the only options are skip, copy to quarantine, and delete. There is no cure option. Which option do I choose?
-
I ran Malwarebytes and now I am missing a lot of programs and files. I ran DDS as instructions said.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_02
Run by Owner at 21:31:14 on 2011-11-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.281 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gamesbar\SearchEngineProtection.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Malwarebytes' Anti-Malware\winlogon.exe.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://search.imesh.com/sidebar.html?src=ssb
uSearchMigratedDefaultURL = hxxp://www.Google.com/
uDefault_Search_URL = hxxp://www.Google.com/
mDefault_Search_URL = hxxp://www.Google.com/
mSearch Page = hxxp://www.Google.com/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.Google.com/
mSearchURL = hxxp://www.Google.com/
mSearchAssistant = hxxp://search.imesh.com/sidebar.html?src=ssb
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: FCToolbarURLSearchHook Class: {da879c19-9088-418b-a63a-2e6fb294eaf0} - c:\program files\aadvantage eshoppingsm toolbar\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
{19b9cd57-3043-442f-8dff-f9924af056bd}
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AAdvantage eShoppingSM Toolbar BHO: {5712a6bb-b6c8-4e52-a152-1ba741c9a6a2} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
BHO: {cb123249-5059-40db-a51c-728222fccd8e} - No File
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
{fc8c94fa-2bdd-4395-b59d-df429a34eb85}
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
TB: AAdvantage eShoppingSM Toolbar: {85741f1d-ed47-4dcf-9109-07d10213c4d0} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [searchEngineProtection] c:\program files\gamesbar\SearchEngineProtection.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [soundMan] SOUNDMAN.EXE
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [eFax 4.2] "c:\program files\efax messenger 4.2\J2GDllCmd.exe" /R
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: americanexpress.com\www
Trusted Zone: associatedbank.com\www
Trusted Zone: boxtops4education.com\www
Trusted Zone: linksynergy.com
Trusted Zone: pogo.com\www
Trusted Zone: state.wi.us\wiscjobs
Trusted Zone: turbotax.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - hxxp://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxps://www.microsoft.com/resources/virtuallabs/ActiveX/VMRCActiveXClient1.cab
DPF: {93EFDAB8-8800-4896-B428-76F943140E1B} - hxxp://www.consumerinput.com.edgesuite.net/panel/maple/dcainst.cab
DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{8BA4481C-D190-47CA-A479-1DF41738DB49} : DhcpNameServer = 10.0.0.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: gdiwxp - gdiwxp.dll
Notify: pmnOEurp - pmnOEurp.dll
STS: {db763ed8-100a-481b-8913-50a2f41dcdc3}: exegeses
{19b9cd57-3043-442f-8dff-f9924af056bd}
LSA: Authentication Packages = msv1_0 nwprovau c:\windows\system32\ddcBQijK
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-6-17 20744]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R1 MpKsl4d39c53c;MpKsl4d39c53c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\mpksl4d39c53c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl4d39c53c.sys [?]
R1 MpKsl6a888f63;MpKsl6a888f63;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{937f8327-5d1a-44f1-82aa-4acea5f71b33}\MpKsl6a888f63.sys [2011-11-19 28752]
R1 MpKslabd28ac4;MpKslabd28ac4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\mpkslabd28ac4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKslabd28ac4.sys [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-5 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-5 22216]
S1 gdiw2k;GDI kernel srvc; [x]
S1 hoiqslbv;hoiqslbv;\??\c:\windows\system32\drivers\hoiqslbv.sys --> c:\windows\system32\drivers\hoiqslbv.sys [?]
S1 MpKsl1053e1c2;MpKsl1053e1c2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\mpksl1053e1c2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\MpKsl1053e1c2.sys [?]
S1 MpKsl128603ce;MpKsl128603ce;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\mpksl128603ce.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\MpKsl128603ce.sys [?]
S1 MpKsl18edb515;MpKsl18edb515;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl18edb515.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl18edb515.sys [?]
S1 MpKsl193d2b14;MpKsl193d2b14;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\mpksl193d2b14.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\MpKsl193d2b14.sys [?]
S1 MpKsl1ba45776;MpKsl1ba45776;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\mpksl1ba45776.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\MpKsl1ba45776.sys [?]
S1 MpKsl1c44341c;MpKsl1c44341c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\mpksl1c44341c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\MpKsl1c44341c.sys [?]
S1 MpKsl1e518544;MpKsl1e518544;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\mpksl1e518544.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\MpKsl1e518544.sys [?]
S1 MpKsl225d22a0;MpKsl225d22a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl225d22a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl225d22a0.sys [?]
S1 MpKsl26734daa;MpKsl26734daa;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\mpksl26734daa.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\MpKsl26734daa.sys [?]
S1 MpKsl27dfd542;MpKsl27dfd542;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\mpksl27dfd542.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\MpKsl27dfd542.sys [?]
S1 MpKsl2aa06fd3;MpKsl2aa06fd3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\mpksl2aa06fd3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\MpKsl2aa06fd3.sys [?]
S1 MpKsl395783ad;MpKsl395783ad;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\mpksl395783ad.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\MpKsl395783ad.sys [?]
S1 MpKsl461ab117;MpKsl461ab117;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl461ab117.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl461ab117.sys [?]
S1 MpKsl568fd414;MpKsl568fd414;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\mpksl568fd414.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\MpKsl568fd414.sys [?]
S1 MpKsl68117935;MpKsl68117935;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\mpksl68117935.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\MpKsl68117935.sys [?]
S1 MpKsl6dc75969;MpKsl6dc75969;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\mpksl6dc75969.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\MpKsl6dc75969.sys [?]
S1 MpKsl8804e3c8;MpKsl8804e3c8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\mpksl8804e3c8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\MpKsl8804e3c8.sys [?]
S1 MpKsl8e5aeb5b;MpKsl8e5aeb5b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl8e5aeb5b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl8e5aeb5b.sys [?]
S1 MpKsl91b90cc1;MpKsl91b90cc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpksl91b90cc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKsl91b90cc1.sys [?]
S1 MpKsl9c78c2b4;MpKsl9c78c2b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\mpksl9c78c2b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\MpKsl9c78c2b4.sys [?]
S1 MpKsl9d14898e;MpKsl9d14898e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\mpksl9d14898e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\MpKsl9d14898e.sys [?]
S1 MpKsl9d44a0f9;MpKsl9d44a0f9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl9d44a0f9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl9d44a0f9.sys [?]
S1 MpKsla1335bc1;MpKsla1335bc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla1335bc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla1335bc1.sys [?]
S1 MpKsla9238964;MpKsla9238964;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla9238964.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla9238964.sys [?]
S1 MpKslad7d60bc;MpKslad7d60bc;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\mpkslad7d60bc.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\MpKslad7d60bc.sys [?]
S1 MpKslb1b803d0;MpKslb1b803d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\mpkslb1b803d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\MpKslb1b803d0.sys [?]
S1 MpKslb320f895;MpKslb320f895;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\mpkslb320f895.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\MpKslb320f895.sys [?]
S1 MpKslb907d62f;MpKslb907d62f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\mpkslb907d62f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\MpKslb907d62f.sys [?]
S1 MpKslbc933e7f;MpKslbc933e7f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\mpkslbc933e7f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\MpKslbc933e7f.sys [?]
S1 MpKslbe40c4b0;MpKslbe40c4b0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpkslbe40c4b0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKslbe40c4b0.sys [?]
S1 MpKslcb5a29e0;MpKslcb5a29e0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\mpkslcb5a29e0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\MpKslcb5a29e0.sys [?]
S1 MpKsld616c37b;MpKsld616c37b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\mpksld616c37b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\MpKsld616c37b.sys [?]
S1 MpKsld7ca0242;MpKsld7ca0242;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\mpksld7ca0242.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\MpKsld7ca0242.sys [?]
S1 MpKsld99e6c53;MpKsld99e6c53;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\mpksld99e6c53.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\MpKsld99e6c53.sys [?]
S1 MpKsle3de4626;MpKsle3de4626;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\mpksle3de4626.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\MpKsle3de4626.sys [?]
S1 MpKslf22068e3;MpKslf22068e3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\mpkslf22068e3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\MpKslf22068e3.sys [?]
S1 MpKslf8f79d2e;MpKslf8f79d2e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\mpkslf8f79d2e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\MpKslf8f79d2e.sys [?]
S1 MpKslfbe4fd56;MpKslfbe4fd56;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpkslfbe4fd56.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKslfbe4fd56.sys [?]
S1 pifcwnbm;pifcwnbm;\??\c:\windows\system32\drivers\pifcwnbm.sys --> c:\windows\system32\drivers\pifcwnbm.sys [?]
S1 zabslmsf;zabslmsf;\??\c:\windows\system32\drivers\zabslmsf.sys --> c:\windows\system32\drivers\zabslmsf.sys [?]
S1 zvuueeds;zvuueeds;\??\c:\windows\system32\drivers\zvuueeds.sys --> c:\windows\system32\drivers\zvuueeds.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-6-17 29192]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 25480]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-19 41272]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2010-10-10 50704]
.
=============== Created Last 30 ================
.
2011-11-20 03:07:47 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-20 02:01:16 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{937f8327-5d1a-44f1-82aa-4acea5f71b33}\MpKsl6a888f63.sys
2011-11-20 02:00:52 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{937f8327-5d1a-44f1-82aa-4acea5f71b33}\offreg.dll
2011-11-20 02:00:43 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{937f8327-5d1a-44f1-82aa-4acea5f71b33}\mpengine.dll
2011-11-11 01:46:01 575520 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\nss\0306000.01F
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\NSS
2011-11-10 06:18:29 -------- d-----w- c:\program files\Norton Security Scan
2011-11-10 06:18:29 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-11-10 06:18:25 -------- d-----w- c:\program files\NortonInstaller
2011-11-10 06:18:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-11-10 04:17:51 -------- d-----w- c:\windows\system32\Adobe
2011-11-07 22:03:27 -------- d-----w- c:\documents and settings\owner\local settings\application data\Yahoo!
2011-11-05 22:39:03 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2011-11-05 21:34:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-05 21:34:17 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 21:34:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2011-10-15 02:38:39 499712 ---ha-w- c:\windows\system32\msvcp71.dll
2011-09-26 16:41:20 611328 ---ha-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 ---ha-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 ---ha-w- c:\windows\system32\oleaccrc.dll
2011-09-17 22:09:59 404640 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12:13 599040 ---ha-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ---ha-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ---ha-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ---ha-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ---h--w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ---ha-w- c:\windows\system32\html.iec
2008-05-26 02:27:53 262144 ----a-w- c:\program files\Uninstall Ask Toolbar.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The maximum number of secrets that may be stored in a single system has been exceeded.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe >>UNKNOWN [0x856EA8E3]<< >>UNKNOWN [0xF551C466]<<
_asm { JMP 0x6fe31b83; }
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8573AAB8]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5f; }
user != kernel MBR !!!
.
============= FINISH: 21:32:25.56 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/3/2005 5:29:29 PM
System Uptime: 11/17/2011 7:53:52 PM (50 hours ago)
.
Motherboard: MICRO-STAR | | MS-7145
Processor: AMD Athlon 64 Processor 3400+ | Socket 754 | 2393/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 182 GiB total, 122.862 GiB free.
D: is Removable
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: ATI RADEON Xpress 200 Series
Device ID: PCI\VEN_1002&DEV_5954&SUBSYS_71411462&REV_00\4&D623FAE&0&2808
Manufacturer: ATI Technologies Inc.
Name: ATI RADEON Xpress 200 Series
PNP Device ID: PCI\VEN_1002&DEV_5954&SUBSYS_71411462&REV_00\4&D623FAE&0&2808
Service: ati2mtag
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
AAdvantage eShoppingSM Toolbar
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 7.0.9
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Ask Toolbar
ATI - Software Uninstall Utility
ATI Display Driver
Bonjour
CCScore
Charting Companion for Family Tree Maker
Compatibility Pack for the 2007 Office system
Digital Media Reader
DirectX Media Runtime 5.1
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
eVoice Player 1.0
Family Tree Maker 2006
fflink
GamesBar 2.0.1.67
GdiplusUpgrade
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Update
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 9
Java 6 Update 2
Java SE Runtime Environment 6 Update 1
kgcbaby
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft MSDN 2005 Express Edition - ENU
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Picture It! Premium 10
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual Web Developer 2005 Express Edition - ENU
Microsoft Visual Web Developer 2005 Express Edition - ENU Service Pack 1 (KB926751)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Move Media Player
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Multimedia Keyboard Driver
Napster Burn Engine
Nero BurnRights
Nero OEM
netbrdg
Nokia Connectivity Cable Driver
Norton Security Scan
OfotoXMI
PC Connectivity Solution
Photosmart 140,240,7200,7600,7700,7900 Series
PS7200
PSShortcutsP
PSUsage
QFolder
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
RealUpgrade 1.1
Recovery Software Suite eMachines
Reporting Add-In for Microsoft Visual Web Developer 2005 Express
RuneScape Launcher 1.0.4
Savings Bond Wizard
Secure Game Player
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SFR
SHASTA
skin0001
SKINXSDK
SoftV92 Data Fax Modem with SmartCP
Sonic Encoders
staticcr
swMSM
The Poppit! Show
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Viewpoint Media Player
VPRINTOL
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WIRELESS
Works Upgrade
World of Warcraft
Yahoo! Browser Services
Yahoo! BrowserPlus 2.9.8
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/16/2011 8:00:49 AM, error: Service Control Manager [7022] - The IPv6 Helper Service service hung on starting.
.
==== End Of File ===========================
-
I ran Malwarebytes and quarantined a lot of files. I am now missing a lot of things. I posted yesterday, but got no reply.
-
dds.txt attach.zip
I ran Malwarebytes and it quarantined a lot of files. However, I seem to be missing a lot of things like my disk scan and defragmenter. What do I do now?
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_02
Run by Owner at 15:50:24 on 2011-11-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.563 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gamesbar\SearchEngineProtection.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://search.imesh.com/sidebar.html?src=ssb
uSearchMigratedDefaultURL = hxxp://www.Google.com/
uDefault_Search_URL = hxxp://www.Google.com/
mDefault_Search_URL = hxxp://www.Google.com/
mSearch Page = hxxp://www.Google.com/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.Google.com/
mSearchURL = hxxp://www.Google.com/
mSearchAssistant = hxxp://search.imesh.com/sidebar.html?src=ssb
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: FCToolbarURLSearchHook Class: {da879c19-9088-418b-a63a-2e6fb294eaf0} - c:\program files\aadvantage eshoppingsm toolbar\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
{19b9cd57-3043-442f-8dff-f9924af056bd}
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AAdvantage eShoppingSM Toolbar BHO: {5712a6bb-b6c8-4e52-a152-1ba741c9a6a2} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
BHO: {cb123249-5059-40db-a51c-728222fccd8e} - No File
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
{fc8c94fa-2bdd-4395-b59d-df429a34eb85}
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
TB: AAdvantage eShoppingSM Toolbar: {85741f1d-ed47-4dcf-9109-07d10213c4d0} - c:\program files\aadvantage eshoppingsm toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [searchEngineProtection] c:\program files\gamesbar\SearchEngineProtection.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [soundMan] SOUNDMAN.EXE
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [eFax 4.2] "c:\program files\efax messenger 4.2\J2GDllCmd.exe" /R
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\limewire on startup.lnk - c:\program files\limewire\LimeWire.exe
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files\gamesbar\2.0.1.67\oberontb.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: americanexpress.com\www
Trusted Zone: associatedbank.com\www
Trusted Zone: boxtops4education.com\www
Trusted Zone: linksynergy.com
Trusted Zone: pogo.com\www
Trusted Zone: state.wi.us\wiscjobs
Trusted Zone: turbotax.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - hxxp://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxps://www.microsoft.com/resources/virtuallabs/ActiveX/VMRCActiveXClient1.cab
DPF: {93EFDAB8-8800-4896-B428-76F943140E1B} - hxxp://www.consumerinput.com.edgesuite.net/panel/maple/dcainst.cab
DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/Coupons.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{8BA4481C-D190-47CA-A479-1DF41738DB49} : DhcpNameServer = 10.0.0.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: gdiwxp - gdiwxp.dll
Notify: pmnOEurp - pmnOEurp.dll
STS: {db763ed8-100a-481b-8913-50a2f41dcdc3}: exegeses
{19b9cd57-3043-442f-8dff-f9924af056bd}
LSA: Authentication Packages = msv1_0 nwprovau c:\windows\system32\ddcBQijK
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-6-17 20744]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R1 MpKsl46f5b3dd;MpKsl46f5b3dd;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl46f5b3dd.sys [2011-11-17 28752]
R1 MpKsl4d39c53c;MpKsl4d39c53c;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl4d39c53c.sys [2011-11-17 28752]
R1 MpKslabd28ac4;MpKslabd28ac4;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKslabd28ac4.sys [2011-11-17 28752]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-5 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-5 22216]
S1 gdiw2k;GDI kernel srvc; [x]
S1 hoiqslbv;hoiqslbv;\??\c:\windows\system32\drivers\hoiqslbv.sys --> c:\windows\system32\drivers\hoiqslbv.sys [?]
S1 MpKsl1053e1c2;MpKsl1053e1c2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\mpksl1053e1c2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3aefff37-2753-474d-ba06-9019f6ff2da0}\MpKsl1053e1c2.sys [?]
S1 MpKsl128603ce;MpKsl128603ce;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\mpksl128603ce.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a612a94-91a8-46a0-80c4-1c250e6c9306}\MpKsl128603ce.sys [?]
S1 MpKsl18edb515;MpKsl18edb515;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl18edb515.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl18edb515.sys [?]
S1 MpKsl193d2b14;MpKsl193d2b14;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\mpksl193d2b14.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9de97637-e5ff-4862-aaa3-8e0589b88a71}\MpKsl193d2b14.sys [?]
S1 MpKsl1ba45776;MpKsl1ba45776;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\mpksl1ba45776.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{40b5ae33-b5c6-4569-93a0-0526e6381de8}\MpKsl1ba45776.sys [?]
S1 MpKsl1c44341c;MpKsl1c44341c;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\mpksl1c44341c.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96d2a7f3-c8a7-48c1-860f-ed0b547a4e6d}\MpKsl1c44341c.sys [?]
S1 MpKsl1e518544;MpKsl1e518544;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\mpksl1e518544.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03ee36ec-ad29-4a98-b643-1b69a4731a92}\MpKsl1e518544.sys [?]
S1 MpKsl225d22a0;MpKsl225d22a0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl225d22a0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl225d22a0.sys [?]
S1 MpKsl26734daa;MpKsl26734daa;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\mpksl26734daa.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78c6770e-2263-4f47-bd1a-e7dceeb30345}\MpKsl26734daa.sys [?]
S1 MpKsl27dfd542;MpKsl27dfd542;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\mpksl27dfd542.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8255628b-d6af-41d1-a86c-0e62b8f067a9}\MpKsl27dfd542.sys [?]
S1 MpKsl2aa06fd3;MpKsl2aa06fd3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\mpksl2aa06fd3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96018d4f-44a2-4e57-9147-e2fb42735a64}\MpKsl2aa06fd3.sys [?]
S1 MpKsl395783ad;MpKsl395783ad;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\mpksl395783ad.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f073ec6-d6f8-47b0-bc57-ca38da2141ab}\MpKsl395783ad.sys [?]
S1 MpKsl461ab117;MpKsl461ab117;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl461ab117.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl461ab117.sys [?]
S1 MpKsl568fd414;MpKsl568fd414;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\mpksl568fd414.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c98713-47c4-4fe4-847f-867782ccb4e3}\MpKsl568fd414.sys [?]
S1 MpKsl68117935;MpKsl68117935;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\mpksl68117935.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df1e6e2a-0fe9-4241-92cb-089994ea3e96}\MpKsl68117935.sys [?]
S1 MpKsl6dc75969;MpKsl6dc75969;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\mpksl6dc75969.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f5921e83-fa82-4d65-86a6-22ccf72e30f1}\MpKsl6dc75969.sys [?]
S1 MpKsl8804e3c8;MpKsl8804e3c8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\mpksl8804e3c8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4b076487-dc76-4c21-9735-77bcfd84535f}\MpKsl8804e3c8.sys [?]
S1 MpKsl8e5aeb5b;MpKsl8e5aeb5b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\mpksl8e5aeb5b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0956a73a-a855-41d9-9d6d-7b644a96ecae}\MpKsl8e5aeb5b.sys [?]
S1 MpKsl91b90cc1;MpKsl91b90cc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpksl91b90cc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKsl91b90cc1.sys [?]
S1 MpKsl9c78c2b4;MpKsl9c78c2b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\mpksl9c78c2b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{02d7820b-f76e-41b6-bdfe-d806ff663b88}\MpKsl9c78c2b4.sys [?]
S1 MpKsl9d14898e;MpKsl9d14898e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\mpksl9d14898e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5dfd3906-f374-4540-a241-e87f3feb4d03}\MpKsl9d14898e.sys [?]
S1 MpKsl9d44a0f9;MpKsl9d44a0f9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\mpksl9d44a0f9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b1e366be-5ef2-4051-b062-7078ba214e62}\MpKsl9d44a0f9.sys [?]
S1 MpKsla1335bc1;MpKsla1335bc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla1335bc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla1335bc1.sys [?]
S1 MpKsla9238964;MpKsla9238964;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpksla9238964.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKsla9238964.sys [?]
S1 MpKslad7d60bc;MpKslad7d60bc;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\mpkslad7d60bc.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{31c1aac8-5c49-4f4f-b300-6b39ec6a0f2c}\MpKslad7d60bc.sys [?]
S1 MpKslb1b803d0;MpKslb1b803d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\mpkslb1b803d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e68d0f31-693b-4144-9a7b-acb98ca3f918}\MpKslb1b803d0.sys [?]
S1 MpKslb320f895;MpKslb320f895;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\mpkslb320f895.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a8ddc5b0-264e-435a-99a8-e636c5cfca56}\MpKslb320f895.sys [?]
S1 MpKslb907d62f;MpKslb907d62f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\mpkslb907d62f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8e72f0f0-95fb-4019-a556-5bbabebcc588}\MpKslb907d62f.sys [?]
S1 MpKslbc933e7f;MpKslbc933e7f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\mpkslbc933e7f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0e9c6b73-42ec-4632-8379-a677dd4b5e9f}\MpKslbc933e7f.sys [?]
S1 MpKslbe40c4b0;MpKslbe40c4b0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\mpkslbe40c4b0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{516507bb-90e7-41c2-9c14-25f14430b4b4}\MpKslbe40c4b0.sys [?]
S1 MpKslcb5a29e0;MpKslcb5a29e0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\mpkslcb5a29e0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d024a632-4faa-4163-a8d0-363781ae9318}\MpKslcb5a29e0.sys [?]
S1 MpKsld616c37b;MpKsld616c37b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\mpksld616c37b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c305c6a8-6d21-4f87-bb9d-78ed305c7bce}\MpKsld616c37b.sys [?]
S1 MpKsld7ca0242;MpKsld7ca0242;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\mpksld7ca0242.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2fa158b6-7ce3-4949-833c-ca9d0cd2d5e6}\MpKsld7ca0242.sys [?]
S1 MpKsld99e6c53;MpKsld99e6c53;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\mpksld99e6c53.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1d4a3193-3910-43db-b8b8-8887f5b1bcb4}\MpKsld99e6c53.sys [?]
S1 MpKsle3de4626;MpKsle3de4626;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\mpksle3de4626.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a957e7a0-b016-46c1-b5b7-d8bb862659fe}\MpKsle3de4626.sys [?]
S1 MpKslf22068e3;MpKslf22068e3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\mpkslf22068e3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd5e06d5-d9fd-490a-b155-ec8fc55190d9}\MpKslf22068e3.sys [?]
S1 MpKslf8f79d2e;MpKslf8f79d2e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\mpkslf8f79d2e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db3fef7b-c81e-428a-b7af-d3ebed105f57}\MpKslf8f79d2e.sys [?]
S1 MpKslfbe4fd56;MpKslfbe4fd56;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\mpkslfbe4fd56.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ac31e344-97ec-42f7-b6d0-49fd2622ec4b}\MpKslfbe4fd56.sys [?]
S1 pifcwnbm;pifcwnbm;\??\c:\windows\system32\drivers\pifcwnbm.sys --> c:\windows\system32\drivers\pifcwnbm.sys [?]
S1 zabslmsf;zabslmsf;\??\c:\windows\system32\drivers\zabslmsf.sys --> c:\windows\system32\drivers\zabslmsf.sys [?]
S1 zvuueeds;zvuueeds;\??\c:\windows\system32\drivers\zvuueeds.sys --> c:\windows\system32\drivers\zvuueeds.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-6-17 29192]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 25480]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2010-10-10 50704]
.
=============== Created Last 30 ================
.
2011-11-18 01:54:52 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl46f5b3dd.sys
2011-11-17 23:49:33 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKsl4d39c53c.sys
2011-11-17 14:07:27 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\MpKslabd28ac4.sys
2011-11-17 14:07:01 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\offreg.dll
2011-11-17 14:06:54 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{da053c66-2d6d-49b6-811a-c858a241f8d6}\mpengine.dll
2011-11-11 01:46:01 575520 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\nss\0306000.01F
2011-11-10 06:18:29 -------- d-----w- c:\windows\system32\drivers\NSS
2011-11-10 06:18:29 -------- d-----w- c:\program files\Norton Security Scan
2011-11-10 06:18:29 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-11-10 06:18:25 -------- d-----w- c:\program files\NortonInstaller
2011-11-10 06:18:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-11-10 04:17:51 -------- d-----w- c:\windows\system32\Adobe
2011-11-07 22:03:27 -------- d-----w- c:\documents and settings\owner\local settings\application data\Yahoo!
2011-11-05 22:39:03 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2011-11-05 21:34:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-05 21:34:17 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 21:34:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2011-10-15 02:38:39 499712 ---ha-w- c:\windows\system32\msvcp71.dll
2011-09-26 16:41:20 611328 ---ha-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 ---ha-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 ---ha-w- c:\windows\system32\oleaccrc.dll
2011-09-17 22:09:59 404640 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12:13 599040 ---ha-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ---ha-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ---ha-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ---ha-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ---h--w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ---ha-w- c:\windows\system32\html.iec
2008-05-26 02:27:53 262144 ----a-w- c:\program files\Uninstall Ask Toolbar.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The maximum number of secrets that may be stored in a single system has been exceeded.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe >>UNKNOWN [0x856EA8E3]<< >>UNKNOWN [0xF551C466]<<
_asm { JMP 0x6fe31b83; }
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8573AAB8]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5f; }
user != kernel MBR !!!
.
============= FINISH: 15:50:38.64 ===============
What do I have to do to get a reply? It seems like all the other posts have been replied to, but not mine. Did I do something wrong?
still having problems after running Malwarebytes
in Malwarebytes for Windows Support Forum
All program folders are showing up empty. The computer also just hangs at times.