Posts posted by erbishop
-
-
Redirect still active in Firefox browser, please advise.
-
cnet_myibay-setup_exe.exe;C:\Documents and Settings\Reception\My Documents;Adware.InstallCore.2;;
dds.scr;C:\Documents and Settings\Reception\My Documents\Downloads;Trojan.MulDrop3.6866;Incurable.Moved.;
What is the OTL log?
-
I see your response now...thread was not showing properly for some reason.
-
I don't see my post about not wanting to use IE. Anyway, I posted earlier about being hesitant to use IE for anything. I actually had deleted it, but it reappeared at some point during our fixes; I would prefer to just delete it again.
Anything else besides a program that uses IE?
-
I would prefer not to use Internet Explorer. Seems like something bad happens every time it's open. I had deleted it, but during the course of some of these repairs it appears to be back (an old version). I would rather delete the program than use it again. Anything else we can do instead?
Have a good weekend
-
Everything seems to be in order. Do I need to perform any additional diagnostics on the computer? Thanks so much for your help.
-
Awesome! How come we couldn't find these to begin with?
-
Status: Deleted (events: 2)
11/30/2011 4:18:26 PM Deleted Trojan program Trojan.Win32.Searches.adj C:\System Volume Information\_restore{796C785C-9BA7-4A7A-9E47-006AAD54BD0A}\RP316\A0042053.dll High
11/30/2011 4:18:26 PM Deleted Trojan program Trojan.Win32.Searches.adj C:\System Volume Information\_restore{796C785C-9BA7-4A7A-9E47-006AAD54BD0A}\RP316\A0042053.dll//DoomPack High
-
After the last ComboFix I haven't been able to reproduce the redirect problem.
-
aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-29 16:30:10
-----------------------------
16:30:10.625 OS Version: Windows 5.1.2600 Service Pack 3
16:30:10.625 Number of processors: 2 586 0x403
16:30:10.625 ComputerName: FRONT-DESK-PC UserName: Reception
16:30:11.781 Initialize success
16:30:15.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
16:30:15.468 Disk 0 Vendor: ST380819AS 8.03 Size: 76293MB BusType: 3
16:30:17.500 Disk 0 MBR read successfully
16:30:17.500 Disk 0 MBR scan
16:30:17.500 Disk 0 Windows XP default MBR code
16:30:17.500 Disk 0 scanning sectors +156232125
16:30:17.578 Disk 0 scanning C:\WINDOWS\system32\drivers
16:30:22.000 Service scanning
16:30:23.000 Modules scanning
16:30:25.718 Disk 0 trace - called modules:
16:30:25.734 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
16:30:25.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86560ab8]
16:30:25.750 3 CLASSPNP.SYS[f75fefd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x865e7590]
16:30:25.750 Scan finished successfully
16:30:43.484 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Reception\Desktop\MBR.dat"
16:30:43.484 The log file has been saved successfully to "C:\Documents and Settings\Reception\Desktop\aswMBR.txt"
-
ComboFix 11-11-29.04 - Reception 11/29/2011 16:13:40.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.582 [GMT -5:00]
Running from: c:\documents and settings\Reception\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Reception\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Reception\Application Data\Azureus
c:\documents and settings\Reception\Application Data\Azureus\.certs
c:\documents and settings\Reception\Application Data\Azureus\.keystore
c:\documents and settings\Reception\Application Data\Azureus\.lock
c:\documents and settings\Reception\Application Data\Azureus\active\cache.dat
c:\documents and settings\Reception\Application Data\Azureus\azureus.config
c:\documents and settings\Reception\Application Data\Azureus\azureus.config.bak
c:\documents and settings\Reception\Application Data\Azureus\azureus.statistics
c:\documents and settings\Reception\Application Data\Azureus\azureus.statistics.bak
c:\documents and settings\Reception\Application Data\Azureus\devices.config
c:\documents and settings\Reception\Application Data\Azureus\devices.config.bak
c:\documents and settings\Reception\Application Data\Azureus\dht\addresses.dat
c:\documents and settings\Reception\Application Data\Azureus\dht\contacts.dat
c:\documents and settings\Reception\Application Data\Azureus\dht\diverse.dat
c:\documents and settings\Reception\Application Data\Azureus\dht\general.dat
c:\documents and settings\Reception\Application Data\Azureus\downloads.config
c:\documents and settings\Reception\Application Data\Azureus\downloads.config.bak
c:\documents and settings\Reception\Application Data\Azureus\ipfilter.cache
c:\documents and settings\Reception\Application Data\Azureus\logs\debug_1.log
c:\documents and settings\Reception\Application Data\Azureus\logs\Plugin Update_1.log
c:\documents and settings\Reception\Application Data\Azureus\logs\UPnP_1.log
c:\documents and settings\Reception\Application Data\Azureus\metasearch.config
c:\documents and settings\Reception\Application Data\Azureus\metasearch.config.bak
c:\documents and settings\Reception\Application Data\Azureus\net\pm_22773.dat
c:\documents and settings\Reception\Application Data\Azureus\net\pm_default.dat
c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\aefeatman_v_1.2.jar
c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\aefeatman_v_1.2.zip
c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\plugin.properties
c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\plugin.properties_1.2
c:\documents and settings\Reception\Application Data\Azureus\plugins\azupnpav\cd.dat
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.8.jar
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.8.zip
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.9.jar
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.9.zip
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin.properties
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin.properties_0.2.9
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin_install.properties
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin_install.properties_0.2.9
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\LICENSE
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\LICENSE.bak
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\msvcr100.dll
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\msvcr100.dll.bak
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\utp.dll
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\utp.dll.bak
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\LICENSE
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\LICENSE.bak
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\msvcr100.dll
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\msvcr100.dll.bak
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\utp.dll
c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\utp.dll.bak
c:\documents and settings\Reception\Application Data\Azureus\sidebarauto.config
c:\documents and settings\Reception\Application Data\Azureus\sidebarauto.config.bak
c:\documents and settings\Reception\Application Data\Azureus\tables.config
c:\documents and settings\Reception\Application Data\Azureus\tables.config.bak
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU3267646735246781106.tmp
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU4518990992366965161.tmp
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU5247856705134621498.tmp
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU6821208663899404670.tmp
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU8263234504057347564.tmp
c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU979599444215951439.tmp
c:\documents and settings\Reception\Application Data\Azureus\VuzeActivities.config
c:\documents and settings\Reception\Application Data\Azureus\VuzeActivities.config.bak
c:\documents and settings\Reception\Local Settings\Application Data\Conduit
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_897164_892962_US.xml
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_US.xml
c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml
c:\windows\system32\usmt\migwiz_a.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-29 )))))))))))))))))))))))))))))))
.
.
2011-11-17 22:45 . 2011-11-17 22:47 -------- d-----w- c:\documents and settings\Reception\Application Data\DivX
2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\program files\DivX
2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2011-11-11 19:33 . 2011-11-16 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2011-11-11 19:33 . 2011-11-11 19:33 -------- d-----w- c:\program files\Common Files\iS3
2011-11-11 16:53 . 2011-11-16 15:59 -------- d-----w- c:\program files\Free Internet Window Washer
2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-11-08 13:17 . 2011-11-08 13:17 -------- d-----w- c:\program files\Starpoint Software
2011-11-01 18:26 . 2011-04-29 19:07 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll
2011-10-31 20:53 . 2011-10-31 20:53 -------- d-----w- c:\documents and settings\Reception\.swt
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-10-10 14:22 . 2007-07-30 19:32 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 20:09 . 2011-09-01 13:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20 . 2004-08-04 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 12:35 . 2004-08-04 12:00 369664 ----a-w- c:\windows\system32\html.iec
2011-11-11 13:03 . 2011-10-31 21:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-20 149280]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\documents and settings\Reception\Start Menu\Programs\Startup\
Launch Utility Application.lnk - c:\documents and settings\Reception\Application Data\Verizon\UA_ar\UtilityApplication.exe [2011-3-22 547840]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-03-24 03:13 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2006-03-24 03:17 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-03-24 03:17 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-14 21:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Google\\Google Earth Pro\\googleearth.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 FMAuditOnsite;FMAudit Onsite;c:\program files\FMAuditOnsite\fmaonsite.exe [11/16/2011 5:56 PM 54864]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [7/5/2011 7:21 AM 91456]
S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys [?]
S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys [?]
S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys [?]
S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys [?]
S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe [3/9/2011 5:02 PM 212352]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [8/24/2011 10:17 AM 30312]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [8/24/2011 10:17 AM 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [8/24/2011 10:17 AM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [8/24/2011 10:17 AM 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [8/24/2011 10:18 AM 114152]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc24512fa0e2d6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cc24513002a340.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
FF - ProfilePath - c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-29 16:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\0a\01\1f\145\1bT"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(652)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-11-29 16:20:34
ComboFix-quarantined-files.txt 2011-11-29 21:20
ComboFix2.txt 2011-11-28 20:18
.
Pre-Run: 47,273,504,768 bytes free
Post-Run: 47,258,046,464 bytes free
.
- - End Of File - - 655829EE6978CDE66586CCD1EE8E86B4
-
ComboFix 11-11-28.02 - Reception 11/28/2011 15:12:44.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.512 [GMT -5:00]
Running from: c:\documents and settings\Reception\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\accounting\Application Data\alot
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\chrome.manifest
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\chrome\xulcache.jar
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\defaults\preferences\xulcache.js
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\install.rdf
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\chrome.manifest
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\chrome\xulcache.jar
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\defaults\preferences\xulcache.js
c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\install.rdf
c:\documents and settings\Reception\jiwyjmgobz.tmp
c:\windows\iun6002.exe
c:\windows\system32\spool\prtprocs\w32x86\xpdpp.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 )))))))))))))))))))))))))))))))
.
.
2011-11-17 22:45 . 2011-11-17 22:47 -------- d-----w- c:\documents and settings\Reception\Application Data\DivX
2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\program files\DivX
2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2011-11-11 19:33 . 2011-11-16 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2011-11-11 19:33 . 2011-11-11 19:33 -------- d-----w- c:\program files\Common Files\iS3
2011-11-11 16:53 . 2011-11-16 15:59 -------- d-----w- c:\program files\Free Internet Window Washer
2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-11-08 13:17 . 2011-11-08 13:17 -------- d-----w- c:\program files\Starpoint Software
2011-11-01 18:26 . 2011-04-29 19:07 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll
2011-10-31 20:53 . 2011-10-31 20:53 -------- d-----w- c:\documents and settings\Reception\.swt
2011-10-31 20:53 . 2011-11-17 22:02 -------- d-----w- c:\documents and settings\Reception\Application Data\Azureus
2011-10-31 20:52 . 2011-10-31 21:31 -------- d-----w- c:\documents and settings\Reception\Local Settings\Application Data\Conduit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-10-10 14:22 . 2007-07-30 19:32 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 20:09 . 2011-09-01 13:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20 . 2004-08-04 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 12:35 . 2004-08-04 12:00 369664 ----a-w- c:\windows\system32\html.iec
2011-08-31 21:00 . 2011-03-12 15:40 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-11 13:03 . 2011-10-31 21:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-20 149280]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\documents and settings\Reception\Start Menu\Programs\Startup\
Launch Utility Application.lnk - c:\documents and settings\Reception\Application Data\Verizon\UA_ar\UtilityApplication.exe [2011-3-22 547840]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-03-24 03:13 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2006-03-24 03:17 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-03-24 03:17 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-14 21:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Google\\Google Earth Pro\\googleearth.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 FMAuditOnsite;FMAudit Onsite;c:\program files\FMAuditOnsite\fmaonsite.exe [11/16/2011 5:56 PM 54864]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [7/5/2011 7:21 AM 91456]
S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys [?]
S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys [?]
S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys [?]
S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys [?]
S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe [3/9/2011 5:02 PM 212352]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [8/24/2011 10:17 AM 30312]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [8/24/2011 10:17 AM 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [8/24/2011 10:17 AM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [8/24/2011 10:17 AM 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [8/24/2011 10:18 AM 114152]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc24512fa0e2d6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]
.
2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cc24513002a340.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
FF - ProfilePath - c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
Notify-TPSvc - TPSvc.dll
AddRemove-Speccy - E:\uninst.exe
AddRemove-Starpoint Software Super Slug 3.1 ANSI Full Version - c:\windows\iun6002.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-28 15:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\0a\01\1f\145\1bT"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(652)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-11-28 15:18:19
ComboFix-quarantined-files.txt 2011-11-28 20:18
.
Pre-Run: 47,147,696,128 bytes free
Post-Run: 47,325,085,696 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BB81C7FBDA7D533B17FAA7AC4D820568
-
Here is the ComboFix log. Thanks for your help.
-
I still have the redirect virus.
-
-
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8256
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
11/28/2011 8:56:29 AM
mbam-log-2011-11-28 (08-56-29).txt
Scan type: Quick scan
Objects scanned: 220330
Time elapsed: 13 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
09:00:10.0312 2688 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
09:00:10.0562 2688 ============================================================
09:00:10.0562 2688 Current date / time: 2011/11/28 09:00:10.0562
09:00:10.0562 2688 SystemInfo:
09:00:10.0562 2688
09:00:10.0562 2688 OS Version: 5.1.2600 ServicePack: 3.0
09:00:10.0562 2688 Product type: Workstation
09:00:10.0562 2688 ComputerName: FRONT-DESK-PC
09:00:10.0562 2688 UserName: Reception
09:00:10.0562 2688 Windows directory: C:\WINDOWS
09:00:10.0562 2688 System windows directory: C:\WINDOWS
09:00:10.0562 2688 Processor architecture: Intel x86
09:00:10.0562 2688 Number of processors: 2
09:00:10.0562 2688 Page size: 0x1000
09:00:10.0562 2688 Boot type: Normal boot
09:00:10.0562 2688 ============================================================
09:00:11.0171 2688 Initialize success
09:00:14.0406 2236 ============================================================
09:00:14.0406 2236 Scan started
09:00:14.0421 2236 Mode: Manual;
09:00:14.0421 2236 ============================================================
09:00:21.0203 2236 ============================================================
09:00:21.0203 2236 Scan finished
09:00:21.0203 2236 ============================================================
09:00:21.0218 2616 Detected object count: 0
09:00:21.0218 2616 Actual detected object count: 0
09:01:17.0250 0380 ============================================================
09:01:17.0250 0380 Scan started
09:01:17.0250 0380 Mode: Manual; SigCheck; TDLFS;
09:01:17.0250 0380 ============================================================
09:01:21.0921 0380 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
09:01:21.0953 0380 cercsr6 ( UnsignedFile.Multi.Generic ) - warning
09:01:21.0953 0380 cercsr6 - detected UnsignedFile.Multi.Generic (1)
09:01:29.0031 0380 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:01:29.0156 0380 Ndisuio - ok
09:01:29.0187 0380 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:01:29.0312 0380 NdisWan - ok
09:01:29.0343 0380 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:01:29.0406 0380 NDProxy - ok
09:01:29.0421 0380 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:01:29.0546 0380 NetBIOS - ok
09:01:29.0578 0380 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:01:29.0703 0380 NetBT - ok
09:01:29.0734 0380 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:01:29.0859 0380 Npfs - ok
09:01:29.0906 0380 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:01:30.0031 0380 Ntfs - ok
09:01:30.0093 0380 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:01:30.0218 0380 Null - ok
09:01:30.0250 0380 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:01:30.0375 0380 NwlnkFlt - ok
09:01:30.0390 0380 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:01:30.0500 0380 NwlnkFwd - ok
09:01:30.0531 0380 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:01:30.0656 0380 Parport - ok
09:01:30.0687 0380 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:01:30.0796 0380 PartMgr - ok
09:01:30.0859 0380 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:01:30.0984 0380 ParVdm - ok
09:01:31.0000 0380 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:01:31.0125 0380 PCI - ok
09:01:31.0125 0380 PCIDump - ok
09:01:31.0156 0380 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:01:31.0265 0380 PCIIde - ok
09:01:31.0281 0380 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:01:31.0406 0380 Pcmcia - ok
09:01:31.0406 0380 PDCOMP - ok
09:01:31.0421 0380 PDFRAME - ok
09:01:31.0421 0380 PDRELI - ok
09:01:31.0437 0380 PDRFRAME - ok
09:01:31.0453 0380 perc2 - ok
09:01:31.0453 0380 perc2hib - ok
09:01:31.0500 0380 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:01:31.0625 0380 PptpMiniport - ok
09:01:31.0640 0380 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:01:31.0750 0380 PSched - ok
09:01:31.0796 0380 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:01:31.0921 0380 Ptilink - ok
09:01:31.0953 0380 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:01:31.0968 0380 PxHelp20 - ok
09:01:31.0968 0380 ql1080 - ok
09:01:31.0984 0380 Ql10wnt - ok
09:01:32.0000 0380 ql12160 - ok
09:01:32.0000 0380 ql1240 - ok
09:01:32.0015 0380 ql1280 - ok
09:01:32.0046 0380 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:01:32.0171 0380 RasAcd - ok
09:01:32.0203 0380 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:01:32.0343 0380 Rasl2tp - ok
09:01:32.0343 0380 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:01:32.0468 0380 RasPppoe - ok
09:01:32.0500 0380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:01:32.0640 0380 Raspti - ok
09:01:32.0656 0380 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:01:32.0796 0380 Rdbss - ok
09:01:32.0812 0380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:01:32.0953 0380 RDPCDD - ok
09:01:32.0984 0380 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:01:33.0109 0380 rdpdr - ok
09:01:33.0156 0380 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
09:01:33.0171 0380 RDPWD - ok
09:01:33.0203 0380 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:01:33.0328 0380 redbook - ok
09:01:33.0359 0380 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
09:01:33.0406 0380 RimUsb - ok
09:01:33.0500 0380 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:01:33.0515 0380 SASDIFSV - ok
09:01:33.0531 0380 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:01:33.0531 0380 SASKUTIL - ok
09:01:33.0593 0380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:01:33.0718 0380 Secdrv - ok
09:01:33.0796 0380 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:01:33.0859 0380 senfilt - ok
09:01:33.0906 0380 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:01:34.0031 0380 serenum - ok
09:01:34.0062 0380 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:01:34.0187 0380 Serial - ok
09:01:34.0218 0380 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:01:34.0328 0380 Sfloppy - ok
09:01:34.0343 0380 Simbad - ok
09:01:34.0406 0380 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
09:01:34.0437 0380 smwdm - ok
09:01:34.0437 0380 Sparrow - ok
09:01:34.0468 0380 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:01:34.0609 0380 splitter - ok
09:01:34.0640 0380 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:01:34.0765 0380 sr - ok
09:01:34.0812 0380 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:01:34.0859 0380 Srv - ok
09:01:34.0906 0380 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
09:01:34.0906 0380 ssadbus - ok
09:01:34.0937 0380 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
09:01:34.0937 0380 ssadmdfl - ok
09:01:34.0968 0380 ssadmdm (9afaa23421622c392b55508fa9613949) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
09:01:34.0984 0380 ssadmdm - ok
09:01:35.0015 0380 ssadserd (1cac71d756ce00ae0681f9028dde874b) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
09:01:35.0031 0380 ssadserd - ok
09:01:35.0062 0380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:01:35.0187 0380 swenum - ok
09:01:35.0218 0380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:01:35.0343 0380 swmidi - ok
09:01:35.0359 0380 symc810 - ok
09:01:35.0359 0380 symc8xx - ok
09:01:35.0375 0380 sym_hi - ok
09:01:35.0390 0380 sym_u3 - ok
09:01:35.0406 0380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:01:35.0546 0380 sysaudio - ok
09:01:35.0593 0380 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:01:35.0671 0380 Tcpip - ok
09:01:35.0718 0380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:01:35.0843 0380 TDPIPE - ok
09:01:35.0859 0380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:01:35.0984 0380 TDTCP - ok
09:01:36.0000 0380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:01:36.0125 0380 TermDD - ok
09:01:36.0140 0380 TosIde - ok
09:01:36.0171 0380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:01:36.0281 0380 Udfs - ok
09:01:36.0296 0380 ultra - ok
09:01:36.0359 0380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:01:36.0500 0380 Update - ok
09:01:36.0531 0380 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:01:36.0640 0380 usbccgp - ok
09:01:36.0671 0380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:01:36.0796 0380 usbehci - ok
09:01:36.0828 0380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:01:36.0968 0380 usbhub - ok
09:01:36.0984 0380 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:01:37.0109 0380 usbprint - ok
09:01:37.0140 0380 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:01:37.0265 0380 USBSTOR - ok
09:01:37.0281 0380 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:01:37.0406 0380 usbuhci - ok
09:01:37.0437 0380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:01:37.0546 0380 VgaSave - ok
09:01:37.0546 0380 ViaIde - ok
09:01:37.0578 0380 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:01:37.0687 0380 VolSnap - ok
09:01:37.0734 0380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:01:37.0843 0380 Wanarp - ok
09:01:37.0906 0380 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:01:37.0921 0380 Wdf01000 - ok
09:01:37.0937 0380 WDICA - ok
09:01:37.0968 0380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:01:38.0093 0380 wdmaud - ok
09:01:38.0171 0380 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:01:38.0312 0380 WS2IFSL - ok
09:01:38.0343 0380 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:01:38.0468 0380 \Device\Harddisk0\DR0 - ok
09:01:38.0484 0380 Boot (0x1200) (2c5b67dae903c794fc8e4a70224f5b5c) \Device\Harddisk0\DR0\Partition0
09:01:38.0484 0380 \Device\Harddisk0\DR0\Partition0 - ok
09:01:38.0484 0380 ============================================================
09:01:38.0484 0380 Scan finished
09:01:38.0484 0380 ============================================================
09:01:38.0593 3376 Detected object count: 1
09:01:38.0593 3376 Actual detected object count: 1
09:03:06.0734 3376 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
09:03:06.0734 3376 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:03:13.0343 2656 Deinitialize success
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by Reception at 9:04:19 on 2011-11-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.402 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Documents and Settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe
C:\Program Files\FMAuditOnsite\fmaonsite.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\WinRar\WinRAR.exe
C:\Program Files\WinRar\WinRAR.exe
C:\WINDOWS\system32\notepad.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091
uWindow Title = Windows Internet Explorer provided by MSN & Bing
mDefault_Search_URL = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\launch~1.lnk - c:\documents and settings\reception\application data\verizon\ua_ar\UtilityApplication.exe
StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
-
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by Reception at 15:27:13 on 2011-11-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.424 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Documents and Settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe
C:\Program Files\FMAuditOnsite\fmaonsite.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091
uWindow Title = Windows Internet Explorer provided by MSN & Bing
mDefault_Search_URL = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\launch~1.lnk - c:\documents and settings\reception\application data\verizon\ua_ar\UtilityApplication.exe
StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245
TCP: Interfaces\{0854CCB4-BF41-4A0B-BFAA-0AB7758151E1} : DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
Notify: TPSvc - TPSvc.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\reception\application data\mozilla\firefox\profiles\m1s1x1jp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\all users\application data\fileopen\services\FileOpenManagerSvc32.exe [2011-3-9 212352]
R2 FMAuditOnsite;FMAudit Onsite;c:\program files\fmauditonsite\fmaonsite.exe [2011-11-16 54864]
R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2011-7-5 91456]
S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b57ecadf-0654-4bc1-bd0a-53e78d8d2553}\mpksl4379156b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b57ecadf-0654-4bc1-bd0a-53e78d8d2553}\MpKsl4379156b.sys [?]
S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b605622e-1df1-455e-9351-2e1880a224e0}\mpksl59b9c265.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b605622e-1df1-455e-9351-2e1880a224e0}\MpKsl59b9c265.sys [?]
S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ff8fa3bf-18a9-44a0-8c0c-99da5ab21a23}\mpksl7f95f8f5.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ff8fa3bf-18a9-44a0-8c0c-99da5ab21a23}\MpKsl7f95f8f5.sys [?]
S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f4bef5a-c8b3-4a58-828d-ae3473a652c0}\mpksla16c7311.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f4bef5a-c8b3-4a58-828d-ae3473a652c0}\MpKsla16c7311.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-8-24 30312]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-8-24 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-8-24 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-8-24 136680]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-8-24 114152]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2011-11-17 22:43:51 -------- d-----w- c:\program files\DivX
2011-11-17 22:43:36 -------- d-----w- c:\documents and settings\all users\application data\DivX
2011-11-11 19:33:45 -------- d-----w- c:\program files\common files\iS3
2011-11-11 19:33:45 -------- d-----w- c:\documents and settings\all users\application data\STOPzilla!
2011-11-11 16:53:16 -------- d-----w- c:\program files\Free Internet Window Washer
2011-11-11 13:07:41 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-11 13:07:41 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-11-08 13:17:18 720896 ----a-w- c:\windows\iun6002.exe
2011-11-08 13:17:15 -------- d-----w- c:\program files\Starpoint Software
2011-11-01 18:26:15 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll
2011-10-31 22:07:04 -------- d-----w- c:\program files\Vuze
2011-10-31 20:53:49 -------- d-----w- c:\documents and settings\reception\.swt
2011-10-31 20:53:40 -------- d-----w- c:\documents and settings\reception\application data\Azureus
2011-10-31 20:52:05 -------- d-----w- c:\documents and settings\reception\local settings\application data\Conduit
.
==================== Find3M ====================
.
2011-10-20 23:26:22 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 20:09:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56:22 667136 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56:22 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 12:35:09 369664 ----a-w- c:\windows\system32\html.iec
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 15:27:25.71 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/28/2010 1:49:32 PM
System Uptime: 11/23/2011 2:46:30 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0F8098
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 43.929 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP279: 9/25/2011 6:15:18 PM - System Checkpoint
RP280: 9/26/2011 7:15:20 PM - System Checkpoint
RP281: 9/27/2011 4:12:30 PM - Installed Adobe Reader X (10.1.1).
RP282: 9/28/2011 4:16:08 PM - System Checkpoint
RP283: 9/29/2011 3:00:15 AM - Software Distribution Service 3.0
RP284: 9/29/2011 9:28:39 AM - Installed Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
RP285: 9/30/2011 10:04:53 AM - System Checkpoint
RP286: 10/1/2011 10:16:07 AM - System Checkpoint
RP287: 10/2/2011 11:16:07 AM - System Checkpoint
RP288: 10/3/2011 8:45:41 AM - Printer Driver CutePDF Writer Installed
RP289: 10/4/2011 8:57:56 AM - System Checkpoint
RP290: 10/5/2011 5:27:08 PM - System Checkpoint
RP291: 10/6/2011 5:53:08 PM - System Checkpoint
RP292: 10/7/2011 6:53:09 PM - System Checkpoint
RP293: 10/8/2011 7:53:08 PM - System Checkpoint
RP294: 10/9/2011 8:53:08 PM - System Checkpoint
RP295: 10/10/2011 9:53:07 PM - System Checkpoint
RP296: 10/11/2011 10:53:07 PM - System Checkpoint
RP297: 10/12/2011 3:00:18 AM - Software Distribution Service 3.0
RP298: 10/13/2011 3:20:37 AM - System Checkpoint
RP299: 10/14/2011 3:26:12 AM - System Checkpoint
RP300: 10/15/2011 3:28:22 AM - System Checkpoint
RP301: 10/16/2011 4:28:21 AM - System Checkpoint
RP302: 10/17/2011 5:28:21 AM - System Checkpoint
RP303: 10/18/2011 6:28:23 AM - System Checkpoint
RP304: 10/19/2011 6:31:15 AM - System Checkpoint
RP305: 10/20/2011 7:23:35 AM - System Checkpoint
RP306: 10/21/2011 8:23:22 AM - System Checkpoint
RP307: 10/22/2011 9:23:22 AM - System Checkpoint
RP308: 10/23/2011 10:23:24 AM - System Checkpoint
RP309: 10/24/2011 2:32:09 PM - System Checkpoint
RP310: 10/25/2011 3:06:37 PM - System Checkpoint
RP311: 10/26/2011 4:06:37 PM - System Checkpoint
RP312: 10/27/2011 5:51:12 PM - System Checkpoint
RP313: 10/28/2011 5:57:30 PM - System Checkpoint
RP314: 10/29/2011 6:57:29 PM - System Checkpoint
RP315: 10/30/2011 7:57:29 PM - System Checkpoint
RP316: 10/31/2011 8:40:28 PM - System Checkpoint
RP317: 11/1/2011 9:11:33 PM - System Checkpoint
RP318: 11/2/2011 3:00:15 AM - Software Distribution Service 3.0
RP319: 11/3/2011 3:06:34 AM - System Checkpoint
RP320: 11/4/2011 4:06:34 AM - System Checkpoint
RP321: 11/5/2011 4:45:17 AM - System Checkpoint
RP322: 11/6/2011 4:45:16 AM - System Checkpoint
RP323: 11/7/2011 5:45:16 AM - System Checkpoint
RP324: 11/8/2011 6:45:16 AM - System Checkpoint
RP325: 11/9/2011 7:46:23 AM - System Checkpoint
RP326: 11/10/2011 3:00:15 AM - Software Distribution Service 3.0
RP327: 11/11/2011 3:00:16 AM - Software Distribution Service 3.0
RP328: 11/11/2011 8:03:41 AM - Software Distribution Service 3.0
RP329: 11/11/2011 2:33:34 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP330: 11/12/2011 3:00:15 AM - Software Distribution Service 3.0
RP331: 11/13/2011 3:51:19 AM - System Checkpoint
RP332: 11/14/2011 3:52:42 AM - System Checkpoint
RP333: 11/15/2011 4:40:41 AM - System Checkpoint
RP334: 11/16/2011 6:04:42 AM - System Checkpoint
RP335: 11/16/2011 11:00:38 AM - Removed Motorola Driver Installation 4.6.0
RP336: 11/16/2011 11:01:29 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP337: 11/17/2011 11:35:11 AM - System Checkpoint
RP338: 11/18/2011 4:11:56 PM - System Checkpoint
RP339: 11/19/2011 4:58:56 PM - System Checkpoint
RP340: 11/20/2011 5:58:56 PM - System Checkpoint
RP341: 11/21/2011 8:00:58 PM - System Checkpoint
RP342: 11/22/2011 8:58:56 PM - System Checkpoint
RP343: 11/23/2011 1:25:09 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Color Common Settings
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.1)
Adobe Setup
ATI Display Driver
Autodesk MapGuide® Viewer ActiveX Control Release 6.5
Broadcom Gigabit Integrated Controller
CutePDF Writer 2.8
DivX Setup
FileOpen Client
FMAudit Onsite
Google Earth Pro
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel® Graphics Media Accelerator Driver
Java 6 Update 16
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
MotoConnect
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Myibay Auction bid sniper for eBay 1.0.43
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SoundMAX
Speccy
Spybot - Search & Destroy
Starpoint Software Super Slug 3.1 ANSI Full Version
SUPERAntiSpyware
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
Verizon Wireless Software Utility Application for Android - Samsung
Vuze
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
.
==== End Of File ===========================
Unable to remove redirect virus
in Resolved Malware Removal Logs
Posted
I was able to fix it myself...no worries. Never have revisited thechive.com website where I picked it up both times.
Thanks,