steve jones
-
Posts
120 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by steve jones
-
Amazon password change request
steve jones replied to steve jones's topic in General Windows PC Help
Update...I was in the process of doing as suggested and telling my wife that she should keep a close eye on her bank account for a few weeks. (I had previously told her that we had received a suspicious email and I was coming to this site for advice). Her reply..."could it be anything to do with the password request I did the other day? I couldn't remember our Amazon password." Arrghhh!! Women!!!! You've got to love 'em... Sorry guys! -
Amazon password change request
steve jones replied to steve jones's topic in General Windows PC Help
Thanks all - will act on that tonite. Just thought it strange that it said I could ignore the email - if it was a nasty surely it would have asked me to click a link? -
Received an email from Amazon saying they had received a request from me to change a password, but if we hadn't sent such a request we should ignore the email. We hadn't, so we did. But should I be worried - had someone else tried to access my account? Is anyone more knowledgable about how/why this happened?
-
Funny funny guy. RIP
-
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Hi again - I saved Combofix as a renamed file on the infected HDD and tried to run it normally and in safe mode. It failed at 'checking for infected files' stage. Whilst I could access the disc using Explorer I searched for vbmaf096 and it wasn't ther. To be honest I'm at the stage of throwing in the towel and formatting the disc. This thing responds so slowly I'm spending hours each day on it, and to no avail. So please accept my thanks for your tenacity and your support over these long weeks - hopefully you can understand. Besides which, I'll bet you are sick to the back teeth of this one!! Thanks again. Steve :-) -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
To be honest I must have run TDSS and rebooted at least 6 times? I was thinking if I downloaded Combofix onto my good laptop, renamed it, and copied it to the Desktop folder of the infected drive, assumedly I could then run Combofix on the infected HDD? The infected OS won't be running but does this matter? Should I try this? -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Just finished an online Eset scan and that came up clean also? Confusing... -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Thanks for the encouragement Rand I've attached the latest TDSSKiller log below. My external caddy arrived so I put the infected drive in it and ran some scans from a good laptop - both MBAM and AVG came up clean. I don'tknow if Combofix can be run from my laptop and be 'aimed' at the infected external drive? Also I've noticed that the User folder containing important pics that I wanted to save is not accesible - can't remember the message but I wondered if that's something fixable? Last question - if I decided to format and reload XP on the infected drive, could I do this by running the Windows CD in my good laptop and loading the OS on the infected USB drive? I would then put the drive back in it's proper laptop, but would XP then have a problem because the hardware would have all changed? 2010/11/24 14:26:12.0616 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/24 14:26:12.0616 ================================================================================ 2010/11/24 14:26:12.0616 SystemInfo: 2010/11/24 14:26:12.0616 2010/11/24 14:26:12.0616 OS Version: 5.1.2600 ServicePack: 3.0 2010/11/24 14:26:12.0646 Product type: Workstation 2010/11/24 14:26:12.0646 ComputerName: WILL-88D4C38501 2010/11/24 14:26:12.0646 UserName: user 2010/11/24 14:26:12.0646 Windows directory: C:\WINDOWS 2010/11/24 14:26:12.0646 System windows directory: C:\WINDOWS 2010/11/24 14:26:12.0646 Processor architecture: Intel x86 2010/11/24 14:26:12.0646 Number of processors: 1 2010/11/24 14:26:12.0646 Page size: 0x1000 2010/11/24 14:26:12.0646 Boot type: Normal boot 2010/11/24 14:26:12.0646 ================================================================================ 2010/11/24 14:26:13.0157 Initialize success 2010/11/24 14:26:18.0074 ================================================================================ 2010/11/24 14:26:18.0074 Scan started 2010/11/24 14:26:18.0074 Mode: Manual; 2010/11/24 14:26:18.0074 ================================================================================ 2010/11/24 14:26:20.0707 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 2010/11/24 14:26:20.0908 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/11/24 14:26:21.0098 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/11/24 14:26:21.0378 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/11/24 14:26:21.0579 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/11/24 14:26:22.0049 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS 2010/11/24 14:26:22.0300 ALCXWDM (098a05b3dafb1244ada120b80758bda5) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2010/11/24 14:26:22.0540 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys 2010/11/24 14:26:22.0760 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2010/11/24 14:26:23.0141 ApfiltrService (d3da11b88ab29076b78ff79f35f0586b) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/11/24 14:26:23.0311 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2010/11/24 14:26:23.0772 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys 2010/11/24 14:26:24.0002 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/11/24 14:26:24.0162 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/11/24 14:26:24.0433 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2010/11/24 14:26:24.0653 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/11/24 14:26:24.0873 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/11/24 14:26:25.0204 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 2010/11/24 14:26:25.0514 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys 2010/11/24 14:26:25.0755 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2010/11/24 14:26:26.0025 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys 2010/11/24 14:26:26.0215 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/11/24 14:26:26.0356 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2010/11/24 14:26:26.0556 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 2010/11/24 14:26:26.0756 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2010/11/24 14:26:27.0097 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys 2010/11/24 14:26:27.0287 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2010/11/24 14:26:27.0387 caboagp (10d5fb74ee18ea49c30daaa203c0e0ec) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys 2010/11/24 14:26:27.0657 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\WINDOWS\system32\DRIVERS\Camdrl.sys 2010/11/24 14:26:27.0888 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/11/24 14:26:28.0088 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/11/24 14:26:28.0328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/11/24 14:26:28.0509 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/11/24 14:26:28.0719 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/11/24 14:26:29.0009 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/11/24 14:26:29.0240 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/11/24 14:26:29.0630 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/11/24 14:26:29.0971 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 2010/11/24 14:26:30.0161 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys 2010/11/24 14:26:30.0291 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 2010/11/24 14:26:30.0491 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/11/24 14:26:30.0612 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/11/24 14:26:30.0902 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/11/24 14:26:31.0192 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/11/24 14:26:31.0393 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/11/24 14:26:31.0663 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 2010/11/24 14:26:31.0873 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/11/24 14:26:32.0194 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2010/11/24 14:26:32.0404 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/11/24 14:26:32.0524 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/11/24 14:26:32.0695 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/11/24 14:26:32.0975 HidBth (7bd2de4c85eb4241eed57672b16a7d8d) C:\WINDOWS\system32\DRIVERS\hidbth.sys 2010/11/24 14:26:33.0195 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/11/24 14:26:33.0436 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2010/11/24 14:26:33.0596 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2010/11/24 14:26:33.0666 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2010/11/24 14:26:33.0916 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/11/24 14:26:34.0217 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/11/24 14:26:34.0427 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/11/24 14:26:34.0657 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/11/24 14:26:34.0848 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2010/11/24 14:26:35.0048 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/11/24 14:26:35.0148 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/11/24 14:26:35.0338 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/11/24 14:26:35.0529 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/11/24 14:26:35.0709 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/11/24 14:26:35.0799 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/11/24 14:26:36.0069 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/11/24 14:26:36.0120 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2010/11/24 14:26:36.0250 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/11/24 14:26:36.0460 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/11/24 14:26:36.0821 LEX_AS_NIC_SERVICE_YNOS (dd8bcb380aa2a8bca9fd613e3e2c23c0) C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 2010/11/24 14:26:37.0111 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\WINDOWS\system32\drivers\LVUSBSta.sys 2010/11/24 14:26:37.0361 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/11/24 14:26:37.0471 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 2010/11/24 14:26:37.0642 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/11/24 14:26:37.0732 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/11/24 14:26:37.0972 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/11/24 14:26:38.0223 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/11/24 14:26:38.0443 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/11/24 14:26:38.0673 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 2010/11/24 14:26:38.0753 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/11/24 14:26:38.0994 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/11/24 14:26:39.0054 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/11/24 14:26:39.0224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/11/24 14:26:39.0324 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/11/24 14:26:39.0524 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/11/24 14:26:39.0605 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/11/24 14:26:39.0835 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/11/24 14:26:40.0055 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/11/24 14:26:40.0145 ndiscm (b797ee2ef919c95561dee78b72b33e5b) C:\WINDOWS\system32\DRIVERS\NetMotCM.sys 2010/11/24 14:26:40.0356 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/11/24 14:26:40.0406 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/11/24 14:26:40.0476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/11/24 14:26:40.0676 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/11/24 14:26:40.0736 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/11/24 14:26:40.0987 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/11/24 14:26:41.0057 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/11/24 14:26:41.0297 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2010/11/24 14:26:41.0497 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/11/24 14:26:41.0597 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/11/24 14:26:41.0828 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/11/24 14:26:41.0938 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/11/24 14:26:42.0238 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/11/24 14:26:42.0429 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 2010/11/24 14:26:42.0629 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 2010/11/24 14:26:42.0779 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 2010/11/24 14:26:43.0220 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 2010/11/24 14:26:43.0450 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2010/11/24 14:26:43.0650 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 2010/11/24 14:26:43.0720 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/11/24 14:26:43.0921 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/11/24 14:26:44.0031 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/11/24 14:26:44.0341 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/11/24 14:26:45.0002 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/11/24 14:26:45.0223 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/11/24 14:26:45.0323 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/11/24 14:26:45.0713 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/11/24 14:26:45.0824 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/11/24 14:26:46.0024 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/11/24 14:26:46.0214 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/11/24 14:26:46.0324 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/11/24 14:26:46.0515 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/11/24 14:26:46.0645 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2010/11/24 14:26:46.0835 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/11/24 14:26:47.0035 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/11/24 14:26:47.0246 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2010/11/24 14:26:47.0356 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2010/11/24 14:26:47.0606 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys 2010/11/24 14:26:47.0816 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys 2010/11/24 14:26:47.0937 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys 2010/11/24 14:26:48.0157 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/11/24 14:26:48.0347 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 2010/11/24 14:26:48.0457 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/11/24 14:26:48.0708 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/11/24 14:26:48.0948 SNC (1a992c8136c015453e82041c35b299da) C:\WINDOWS\system32\DRIVERS\SonyNC.sys 2010/11/24 14:26:49.0178 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/11/24 14:26:49.0389 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/11/24 14:26:49.0619 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/11/24 14:26:49.0889 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/11/24 14:26:50.0130 STVqx3 (65ba7d9daca76f67bb5a62f3570c5fe5) C:\WINDOWS\system32\drivers\STVqx3.sys 2010/11/24 14:26:50.0330 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/11/24 14:26:50.0510 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/11/24 14:26:50.0921 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/11/24 14:26:51.0161 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/11/24 14:26:51.0382 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/11/24 14:26:51.0532 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/11/24 14:26:51.0622 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/11/24 14:26:51.0822 tifmsony (1a406b0a846fe7250e16e05813aef849) C:\WINDOWS\system32\drivers\tifmsony.sys 2010/11/24 14:26:51.0992 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/11/24 14:26:52.0323 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/11/24 14:26:52.0563 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2010/11/24 14:26:52.0763 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/11/24 14:26:52.0874 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/11/24 14:26:53.0074 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/11/24 14:26:53.0264 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2010/11/24 14:26:53.0364 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/11/24 14:26:53.0555 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/11/24 14:26:53.0725 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/11/24 14:26:53.0835 Suspicious service (NoAccess): vbmaf096 2010/11/24 14:26:53.0995 vbmaf096 - detected Locked service (1) 2010/11/24 14:26:54.0085 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/11/24 14:26:54.0326 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/11/24 14:26:54.0546 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/11/24 14:26:54.0786 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/11/24 14:26:55.0127 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/11/24 14:26:55.0247 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/11/24 14:26:55.0437 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/11/24 14:26:55.0638 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/11/24 14:26:56.0168 ================================================================================ 2010/11/24 14:26:56.0168 Scan finished 2010/11/24 14:26:56.0168 ================================================================================ 2010/11/24 14:26:56.0208 Detected object count: 1 2010/11/24 14:27:13.0623 HKLM\SYSTEM\ControlSet003\services\vbmaf096 - will be deleted after reboot 2010/11/24 14:27:13.0633 C:\WINDOWS\system32\drivers\vbmaf096.sys - will be deleted after reboot 2010/11/24 14:27:13.0633 Locked service(vbmaf096) - User select action: Delete -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
OTL ran the fix succesfully, and it moved some files onto my memory stick. Sadly no change in laptop's situation as far as I can tell. OTL report below; All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully. Starting removal of ActiveX control {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} C:\WINDOWS\Downloaded Program Files\QTPlugin.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found. Starting removal of ActiveX control {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} C:\WINDOWS\Downloaded Program Files\Mnviewer.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1239CC52-59EF-4DFA-8C61-90FFA846DF7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1239CC52-59EF-4DFA-8C61-90FFA846DF7E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1239CC52-59EF-4DFA-8C61-90FFA846DF7E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1239CC52-59EF-4DFA-8C61-90FFA846DF7E}\ not found. Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000} C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found. Starting removal of ActiveX control {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} C:\WINDOWS\Downloaded Program Files\cabfile.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1}\ not found. Starting removal of ActiveX control {4F1E5B1A-2A80-42CA-8532-2D05CB959537} C:\WINDOWS\Downloaded Program Files\MsnPUpld.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Starting removal of ActiveX control {A8F2B9BD-A6A0-486A-9744-18920D898429} C:\WINDOWS\Downloaded Program Files\SETUP.INF moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A8F2B9BD-A6A0-486A-9744-18920D898429}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8F2B9BD-A6A0-486A-9744-18920D898429}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A8F2B9BD-A6A0-486A-9744-18920D898429}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8F2B9BD-A6A0-486A-9744-18920D898429}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000} C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\WINDOWS\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Starting removal of ActiveX control {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} C:\WINDOWS\Downloaded Program Files\download_xp.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{224658a0-4b53-11dc-87f2-000e9b5869cb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{224658a0-4b53-11dc-87f2-000e9b5869cb}\ not found. File G:\GizmoSecure\Windows\GizmoSecure30.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fa24260-b965-11de-a3db-000e9b5869cb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3fa24260-b965-11de-a3db-000e9b5869cb}\ not found. File D:\setupSNK.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86550b0-1641-11de-91d7-000e9b5869cb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86550b0-1641-11de-91d7-000e9b5869cb}\ not found. File F:\Everymanracing.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcd9e5f0-d33d-11dd-905f-000e9b5869cb}\ not found. C:\WINDOWS\system32\shell32.dll moved successfully. ========== FILES ========== File\Folder C:\Program Files\ConduitEngine\ConduitEngine.dll not found. C:\Program Files\ConduitEngine folder moved successfully. C:\Program Files\Conduit\Community Alerts folder moved successfully. C:\Program Files\Conduit folder moved successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User User: LocalService User: NetworkService User: user ->Flash cache emptied: 45876 bytes Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 1243268 bytes ->Temporary Internet Files folder emptied: 1154847 bytes User: user ->Temp folder emptied: 637698522 bytes ->Temporary Internet Files folder emptied: 131631037 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2176856 bytes %systemroot%\System32 .tmp files removed: 17512465 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 134 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13496916 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 293298 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 768.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.16.0 log created on 11222010_162604 Files\Folders moved on Reboot... Registry entries deleted on Reboot... -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
As an aside, the HDD external enclusure I mentioned in earlier posts is on order. If it arrives I was planning on trying to get a Combofix log done for you to review. Do you think I will be safe to plug the infected drive into the USB of my clean laptop? -
Hi Amethyst - I'm no electronics expert, but if you DO decide to buy a non-Sony charger, just be sure that the jack that plugs into your eReader is wired the right way round. Somewhere on your eReader (near the charger socket) will be a little diagram which I don't have the knowledge to reproduce here, but it represents an end-on view of your charger's jack plug. It will either show the centre pin as being +ve or -ve, and any charger you plug in should have a jack wired this way around. I'm the same as you though - always nervous of plugging in a 'non standard' charger! Good luck.
-
Hi Bugsy - I've probably done 100+ posts and had 3 (I think) viruses in as many years, but you'll always find the experts on here very helpful and patient! And I still count myself as a newbie so you are not alone! Enjoy...
-
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Hi LDTate - just posting to apologise for not getting back sooner - I've been away for the weekend and will try to run the latest fixes this evening. Thanks again. -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Thanks LDTate! I'll try it but I don't think I have a copy/paste function on the infected machine... -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
I was just having a look through the expanded OTL log and I don't recognise the Conduit Engine?? It seems to be a toolbar 'helper' that doesn't get a good press on forums - perhaps the kids have clicked on it but it shouldn't be there! Don't know if that's relevant. -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
OTL reports were too long to copy/paste so attched below OTL.Txt Extras.Txt -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
The registry fix ran ok and attached is the TDSS Killer log. I am now rebooting the PC and will re-run TDSSKiller to see if the files have been deleted. THhe laptop is running exactly as before - very very slowly, no taskbar, no copy/paste. 2010/11/17 16:02:26.0509 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/17 16:02:26.0509 ================================================================================ 2010/11/17 16:02:26.0509 SystemInfo: 2010/11/17 16:02:26.0509 2010/11/17 16:02:26.0509 OS Version: 5.1.2600 ServicePack: 3.0 2010/11/17 16:02:26.0509 Product type: Workstation 2010/11/17 16:02:26.0509 ComputerName: WILL-88D4C38501 2010/11/17 16:02:26.0509 UserName: user 2010/11/17 16:02:26.0509 Windows directory: C:\WINDOWS 2010/11/17 16:02:26.0509 System windows directory: C:\WINDOWS 2010/11/17 16:02:26.0509 Processor architecture: Intel x86 2010/11/17 16:02:26.0509 Number of processors: 1 2010/11/17 16:02:26.0509 Page size: 0x1000 2010/11/17 16:02:26.0509 Boot type: Normal boot 2010/11/17 16:02:26.0509 ================================================================================ 2010/11/17 16:02:27.0110 Initialize success 2010/11/17 16:02:33.0309 ================================================================================ 2010/11/17 16:02:33.0309 Scan started 2010/11/17 16:02:33.0309 Mode: Manual; 2010/11/17 16:02:33.0309 ================================================================================ 2010/11/17 16:02:35.0612 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 2010/11/17 16:02:35.0902 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/11/17 16:02:36.0083 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/11/17 16:02:36.0373 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/11/17 16:02:36.0553 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/11/17 16:02:36.0954 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS 2010/11/17 16:02:37.0204 ALCXWDM (098a05b3dafb1244ada120b80758bda5) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2010/11/17 16:02:37.0425 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys 2010/11/17 16:02:37.0635 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2010/11/17 16:02:37.0765 ApfiltrService (d3da11b88ab29076b78ff79f35f0586b) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/11/17 16:02:37.0985 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2010/11/17 16:02:38.0446 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys 2010/11/17 16:02:38.0646 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/11/17 16:02:38.0757 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/11/17 16:02:39.0067 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2010/11/17 16:02:39.0277 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/11/17 16:02:39.0478 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/11/17 16:02:39.0658 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 2010/11/17 16:02:39.0998 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys 2010/11/17 16:02:40.0259 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2010/11/17 16:02:40.0329 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys 2010/11/17 16:02:40.0519 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/11/17 16:02:40.0659 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2010/11/17 16:02:40.0880 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 2010/11/17 16:02:41.0070 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2010/11/17 16:02:41.0280 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys 2010/11/17 16:02:41.0471 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2010/11/17 16:02:41.0561 caboagp (10d5fb74ee18ea49c30daaa203c0e0ec) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys 2010/11/17 16:02:41.0891 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\WINDOWS\system32\DRIVERS\Camdrl.sys 2010/11/17 16:02:42.0071 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/11/17 16:02:42.0272 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/11/17 16:02:42.0482 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/11/17 16:02:42.0672 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/11/17 16:02:42.0883 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/11/17 16:02:43.0223 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/11/17 16:02:43.0343 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/11/17 16:02:43.0734 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/11/17 16:02:44.0034 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 2010/11/17 16:02:44.0244 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys 2010/11/17 16:02:44.0345 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 2010/11/17 16:02:44.0545 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/11/17 16:02:44.0665 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/11/17 16:02:44.0966 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/11/17 16:02:45.0266 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/11/17 16:02:45.0456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/11/17 16:02:45.0757 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 2010/11/17 16:02:45.0957 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/11/17 16:02:46.0137 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2010/11/17 16:02:46.0327 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/11/17 16:02:46.0438 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/11/17 16:02:46.0618 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/11/17 16:02:46.0898 HidBth (7bd2de4c85eb4241eed57672b16a7d8d) C:\WINDOWS\system32\DRIVERS\hidbth.sys 2010/11/17 16:02:47.0139 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/11/17 16:02:47.0399 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2010/11/17 16:02:47.0559 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2010/11/17 16:02:47.0629 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2010/11/17 16:02:47.0860 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/11/17 16:02:48.0190 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/11/17 16:02:48.0390 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/11/17 16:02:48.0621 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/11/17 16:02:48.0861 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2010/11/17 16:02:49.0021 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/11/17 16:02:49.0111 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/11/17 16:02:49.0302 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/11/17 16:02:49.0502 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/11/17 16:02:49.0692 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/11/17 16:02:49.0893 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/11/17 16:02:50.0153 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/11/17 16:02:50.0333 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2010/11/17 16:02:50.0473 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/11/17 16:02:50.0674 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/11/17 16:02:51.0054 LEX_AS_NIC_SERVICE_YNOS (dd8bcb380aa2a8bca9fd613e3e2c23c0) C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 2010/11/17 16:02:51.0285 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\WINDOWS\system32\drivers\LVUSBSta.sys 2010/11/17 16:02:51.0515 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/11/17 16:02:51.0625 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 2010/11/17 16:02:51.0855 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/11/17 16:02:51.0936 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/11/17 16:02:52.0136 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/11/17 16:02:52.0276 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/11/17 16:02:52.0486 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/11/17 16:02:52.0737 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 2010/11/17 16:02:52.0817 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/11/17 16:02:53.0027 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/11/17 16:02:53.0087 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/11/17 16:02:53.0267 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/11/17 16:02:53.0358 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/11/17 16:02:53.0538 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/11/17 16:02:53.0628 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/11/17 16:02:53.0848 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/11/17 16:02:54.0089 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/11/17 16:02:54.0259 ndiscm (b797ee2ef919c95561dee78b72b33e5b) C:\WINDOWS\system32\DRIVERS\NetMotCM.sys 2010/11/17 16:02:54.0469 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/11/17 16:02:54.0529 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/11/17 16:02:54.0609 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/11/17 16:02:55.0010 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/11/17 16:02:55.0260 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/11/17 16:02:55.0441 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/11/17 16:02:55.0521 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/11/17 16:02:55.0771 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2010/11/17 16:02:55.0951 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/11/17 16:02:56.0061 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/11/17 16:02:56.0302 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/11/17 16:02:56.0422 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/11/17 16:02:56.0592 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/11/17 16:02:56.0712 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 2010/11/17 16:02:56.0923 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 2010/11/17 16:02:57.0113 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 2010/11/17 16:02:57.0243 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 2010/11/17 16:02:57.0443 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2010/11/17 16:02:57.0514 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 2010/11/17 16:02:57.0714 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/11/17 16:02:57.0804 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/11/17 16:02:57.0994 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/11/17 16:02:58.0175 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/11/17 16:02:58.0835 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/11/17 16:02:59.0046 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/11/17 16:02:59.0146 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/11/17 16:02:59.0536 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/11/17 16:02:59.0637 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/11/17 16:02:59.0927 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/11/17 16:03:00.0107 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/11/17 16:03:00.0237 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/11/17 16:03:00.0418 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/11/17 16:03:00.0548 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2010/11/17 16:03:00.0768 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/11/17 16:03:00.0969 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/11/17 16:03:01.0169 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2010/11/17 16:03:01.0359 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2010/11/17 16:03:01.0609 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys 2010/11/17 16:03:01.0890 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys 2010/11/17 16:03:02.0080 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys 2010/11/17 16:03:02.0320 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/11/17 16:03:02.0511 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 2010/11/17 16:03:02.0611 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/11/17 16:03:02.0921 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/11/17 16:03:03.0142 SNC (1a992c8136c015453e82041c35b299da) C:\WINDOWS\system32\DRIVERS\SonyNC.sys 2010/11/17 16:03:03.0292 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/11/17 16:03:03.0502 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/11/17 16:03:03.0702 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/11/17 16:03:04.0013 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/11/17 16:03:04.0253 STVqx3 (65ba7d9daca76f67bb5a62f3570c5fe5) C:\WINDOWS\system32\drivers\STVqx3.sys 2010/11/17 16:03:04.0444 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/11/17 16:03:04.0634 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/11/17 16:03:05.0044 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/11/17 16:03:05.0365 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/11/17 16:03:05.0595 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/11/17 16:03:05.0765 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/11/17 16:03:05.0946 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/11/17 16:03:06.0146 tifmsony (1a406b0a846fe7250e16e05813aef849) C:\WINDOWS\system32\drivers\tifmsony.sys 2010/11/17 16:03:06.0296 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/11/17 16:03:06.0567 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/11/17 16:03:06.0887 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2010/11/17 16:03:07.0077 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/11/17 16:03:07.0177 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/11/17 16:03:07.0358 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/11/17 16:03:07.0568 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2010/11/17 16:03:07.0668 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/11/17 16:03:07.0909 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/11/17 16:03:08.0089 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/11/17 16:03:08.0199 Suspicious service (NoAccess): vbmaf096 2010/11/17 16:03:08.0349 vbmaf096 - detected Locked service (1) 2010/11/17 16:03:08.0429 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/11/17 16:03:08.0660 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/11/17 16:03:08.0890 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/11/17 16:03:09.0130 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/11/17 16:03:09.0441 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/11/17 16:03:09.0561 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/11/17 16:03:09.0761 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/11/17 16:03:09.0961 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/11/17 16:03:10.0452 ================================================================================ 2010/11/17 16:03:10.0452 Scan finished 2010/11/17 16:03:10.0452 ================================================================================ 2010/11/17 16:03:10.0482 Detected object count: 1 2010/11/17 16:03:45.0843 HKLM\SYSTEM\ControlSet003\services\vbmaf096 - will be deleted after reboot 2010/11/17 16:03:45.0873 C:\WINDOWS\system32\drivers\vbmaf096.sys - will be deleted after reboot 2010/11/17 16:03:45.0873 Locked service(vbmaf096) - User select action: Delete -
I've always been a bit 'off the wall' so I took the first 5 letters of my Christian name and added them to the first 5 letters of my surname...
-
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Sadly the CD writer has never worked since we got the laptop - we use a USB external writer. The only CD I have is for XP Home - not XP Pro, but assumedly that would have worked if I could run it? Also there is no BIOS option to boot from a USB device - so I can't start Recovery console. I think the USB HDD caddy is the only option to allow me to make progress? -
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
New TDSSKiller log below - note this was produced before reboot, because I don't seem to get a proper reboot and no option to produce a log after reboot. TDSSKiller doesn't appear to be deleting the suspicious object though because it's been run at least 3 times and rebooted... 2010/11/16 04:01:26.0790 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/16 04:01:26.0790 ================================================================================ 2010/11/16 04:01:26.0790 SystemInfo: 2010/11/16 04:01:26.0790 2010/11/16 04:01:26.0790 OS Version: 5.1.2600 ServicePack: 3.0 2010/11/16 04:01:26.0790 Product type: Workstation 2010/11/16 04:01:26.0790 ComputerName: WILL-88D4C38501 2010/11/16 04:01:26.0790 UserName: user 2010/11/16 04:01:26.0790 Windows directory: C:\WINDOWS 2010/11/16 04:01:26.0790 System windows directory: C:\WINDOWS 2010/11/16 04:01:26.0790 Processor architecture: Intel x86 2010/11/16 04:01:26.0790 Number of processors: 1 2010/11/16 04:01:26.0790 Page size: 0x1000 2010/11/16 04:01:26.0790 Boot type: Normal boot 2010/11/16 04:01:26.0790 ================================================================================ 2010/11/16 04:01:27.0311 Initialize success 2010/11/16 04:01:49.0343 ================================================================================ 2010/11/16 04:01:49.0343 Scan started 2010/11/16 04:01:49.0343 Mode: Manual; 2010/11/16 04:01:49.0343 ================================================================================ 2010/11/16 04:01:51.0526 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 2010/11/16 04:01:51.0837 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/11/16 04:01:52.0027 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/11/16 04:01:52.0377 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/11/16 04:01:52.0568 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/11/16 04:01:52.0968 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS 2010/11/16 04:01:53.0259 ALCXWDM (098a05b3dafb1244ada120b80758bda5) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2010/11/16 04:01:53.0499 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys 2010/11/16 04:01:53.0709 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2010/11/16 04:01:53.0869 ApfiltrService (d3da11b88ab29076b78ff79f35f0586b) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/11/16 04:01:54.0140 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2010/11/16 04:01:54.0611 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys 2010/11/16 04:01:54.0831 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/11/16 04:01:54.0911 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/11/16 04:01:55.0281 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2010/11/16 04:01:55.0482 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/11/16 04:01:55.0702 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/11/16 04:01:55.0902 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 2010/11/16 04:01:56.0253 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys 2010/11/16 04:01:56.0473 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2010/11/16 04:01:56.0683 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys 2010/11/16 04:01:56.0904 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/11/16 04:01:57.0054 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2010/11/16 04:01:57.0294 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 2010/11/16 04:01:57.0495 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2010/11/16 04:01:57.0705 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys 2010/11/16 04:01:57.0895 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2010/11/16 04:01:57.0985 caboagp (10d5fb74ee18ea49c30daaa203c0e0ec) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys 2010/11/16 04:01:58.0306 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\WINDOWS\system32\DRIVERS\Camdrl.sys 2010/11/16 04:01:58.0526 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/11/16 04:01:58.0736 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/11/16 04:01:58.0967 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/11/16 04:01:59.0197 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/11/16 04:01:59.0397 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/11/16 04:01:59.0778 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/11/16 04:01:59.0908 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/11/16 04:02:00.0379 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/11/16 04:02:00.0619 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 2010/11/16 04:02:00.0809 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys 2010/11/16 04:02:00.0930 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 2010/11/16 04:02:01.0170 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/11/16 04:02:01.0360 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/11/16 04:02:01.0651 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/11/16 04:02:01.0901 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/11/16 04:02:02.0211 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/11/16 04:02:02.0482 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 2010/11/16 04:02:02.0682 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/11/16 04:02:02.0872 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2010/11/16 04:02:02.0993 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/11/16 04:02:03.0193 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/11/16 04:02:03.0373 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/11/16 04:02:03.0623 HidBth (7bd2de4c85eb4241eed57672b16a7d8d) C:\WINDOWS\system32\DRIVERS\hidbth.sys 2010/11/16 04:02:03.0864 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/11/16 04:02:04.0114 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2010/11/16 04:02:04.0284 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2010/11/16 04:02:04.0475 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2010/11/16 04:02:04.0675 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/11/16 04:02:04.0985 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/11/16 04:02:05.0216 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/11/16 04:02:05.0476 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/11/16 04:02:05.0676 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2010/11/16 04:02:05.0867 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/11/16 04:02:05.0947 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/11/16 04:02:06.0227 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/11/16 04:02:06.0427 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/11/16 04:02:06.0618 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/11/16 04:02:06.0818 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/11/16 04:02:07.0078 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/11/16 04:02:07.0159 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2010/11/16 04:02:07.0309 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/11/16 04:02:07.0529 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/11/16 04:02:07.0890 LEX_AS_NIC_SERVICE_YNOS (dd8bcb380aa2a8bca9fd613e3e2c23c0) C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 2010/11/16 04:02:08.0180 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\WINDOWS\system32\drivers\LVUSBSta.sys 2010/11/16 04:02:08.0420 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/11/16 04:02:08.0521 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 2010/11/16 04:02:08.0691 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/11/16 04:02:08.0791 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/11/16 04:02:09.0011 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/11/16 04:02:09.0171 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/11/16 04:02:09.0402 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/11/16 04:02:09.0642 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 2010/11/16 04:02:09.0732 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/11/16 04:02:09.0953 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/11/16 04:02:10.0033 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/11/16 04:02:10.0263 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/11/16 04:02:10.0353 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/11/16 04:02:10.0553 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/11/16 04:02:10.0634 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/11/16 04:02:10.0864 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/11/16 04:02:11.0114 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/11/16 04:02:11.0325 ndiscm (b797ee2ef919c95561dee78b72b33e5b) C:\WINDOWS\system32\DRIVERS\NetMotCM.sys 2010/11/16 04:02:11.0545 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/11/16 04:02:11.0595 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/11/16 04:02:11.0685 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/11/16 04:02:11.0855 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/11/16 04:02:11.0925 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/11/16 04:02:12.0176 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/11/16 04:02:12.0276 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/11/16 04:02:12.0516 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2010/11/16 04:02:12.0606 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/11/16 04:02:12.0847 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/11/16 04:02:13.0117 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/11/16 04:02:13.0438 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/11/16 04:02:13.0598 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/11/16 04:02:13.0708 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 2010/11/16 04:02:13.0888 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 2010/11/16 04:02:13.0958 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 2010/11/16 04:02:14.0209 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 2010/11/16 04:02:14.0409 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2010/11/16 04:02:14.0479 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 2010/11/16 04:02:14.0689 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/11/16 04:02:14.0800 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/11/16 04:02:14.0990 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/11/16 04:02:15.0180 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/11/16 04:02:15.0791 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/11/16 04:02:16.0011 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/11/16 04:02:16.0111 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/11/16 04:02:16.0542 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/11/16 04:02:16.0662 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/11/16 04:02:16.0883 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/11/16 04:02:17.0093 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/11/16 04:02:17.0243 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/11/16 04:02:17.0433 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/11/16 04:02:17.0574 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2010/11/16 04:02:17.0794 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/11/16 04:02:17.0994 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/11/16 04:02:18.0104 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2010/11/16 04:02:18.0335 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2010/11/16 04:02:18.0585 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys 2010/11/16 04:02:18.0805 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys 2010/11/16 04:02:19.0016 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys 2010/11/16 04:02:19.0286 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/11/16 04:02:19.0496 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 2010/11/16 04:02:19.0596 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/11/16 04:02:19.0867 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/11/16 04:02:20.0117 SNC (1a992c8136c015453e82041c35b299da) C:\WINDOWS\system32\DRIVERS\SonyNC.sys 2010/11/16 04:02:20.0368 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/11/16 04:02:20.0598 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/11/16 04:02:20.0828 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/11/16 04:02:21.0099 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/11/16 04:02:21.0319 STVqx3 (65ba7d9daca76f67bb5a62f3570c5fe5) C:\WINDOWS\system32\drivers\STVqx3.sys 2010/11/16 04:02:21.0509 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/11/16 04:02:21.0689 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/11/16 04:02:22.0130 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/11/16 04:02:22.0400 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/11/16 04:02:22.0641 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/11/16 04:02:22.0811 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/11/16 04:02:22.0891 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/11/16 04:02:23.0121 tifmsony (1a406b0a846fe7250e16e05813aef849) C:\WINDOWS\system32\drivers\tifmsony.sys 2010/11/16 04:02:23.0412 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/11/16 04:02:23.0682 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/11/16 04:02:23.0923 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2010/11/16 04:02:24.0163 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/11/16 04:02:24.0363 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/11/16 04:02:24.0483 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/11/16 04:02:24.0694 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2010/11/16 04:02:24.0784 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/11/16 04:02:24.0974 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/11/16 04:02:25.0194 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/11/16 04:02:25.0335 Suspicious service (NoAccess): vbmaf096 2010/11/16 04:02:25.0485 vbmaf096 - detected Locked service (1) 2010/11/16 04:02:25.0595 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/11/16 04:02:25.0855 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/11/16 04:02:26.0096 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/11/16 04:02:26.0226 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/11/16 04:02:26.0576 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/11/16 04:02:26.0707 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/11/16 04:02:26.0907 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/11/16 04:02:27.0117 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/11/16 04:02:27.0638 ================================================================================ 2010/11/16 04:02:27.0638 Scan finished 2010/11/16 04:02:27.0638 ================================================================================ 2010/11/16 04:02:27.0678 Detected object count: 1 2010/11/16 04:02:45.0744 HKLM\SYSTEM\ControlSet003\services\vbmaf096 - will be deleted after reboot 2010/11/16 04:02:45.0774 C:\WINDOWS\system32\drivers\vbmaf096.sys - will be deleted after reboot 2010/11/16 04:02:45.0774 Locked service(vbmaf096) - User select action: Delete -
Thanks for all the replies guys! I think it's interesting that no one OS seems to stick out as definitely the one to go for. It just makes the decision to update that much more difficult! As an aside, I was talking to a Mac user this morning who could not understand how anyone suffers ANY Microsoft OS !!
-
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Hi again - sorry about the delay! Yes please, as soon as I have the caddy which will (hopefully) allow me to run any checks easily, which should be about one week from today, I would appreciate your help. Until then I've attached the TDSSKiller log as requested. As far as I could tell it did delete the file it found. Thanks as always. 2010/11/11 02:55:27.0766 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/11 02:55:27.0766 ================================================================================ 2010/11/11 02:55:27.0766 SystemInfo: 2010/11/11 02:55:27.0766 2010/11/11 02:55:27.0766 OS Version: 5.1.2600 ServicePack: 3.0 2010/11/11 02:55:27.0766 Product type: Workstation 2010/11/11 02:55:27.0766 ComputerName: WILL-88D4C38501 2010/11/11 02:55:27.0766 UserName: user 2010/11/11 02:55:27.0766 Windows directory: C:\WINDOWS 2010/11/11 02:55:27.0766 System windows directory: C:\WINDOWS 2010/11/11 02:55:27.0766 Processor architecture: Intel x86 2010/11/11 02:55:27.0766 Number of processors: 1 2010/11/11 02:55:27.0766 Page size: 0x1000 2010/11/11 02:55:27.0766 Boot type: Normal boot 2010/11/11 02:55:27.0766 ================================================================================ 2010/11/11 02:55:28.0376 Initialize success 2010/11/11 02:55:42.0747 ================================================================================ 2010/11/11 02:55:42.0747 Scan started 2010/11/11 02:55:42.0747 Mode: Manual; 2010/11/11 02:55:42.0747 ================================================================================ 2010/11/11 02:55:45.0491 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 2010/11/11 02:55:45.0821 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/11/11 02:55:46.0142 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/11/11 02:55:46.0412 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/11/11 02:55:46.0613 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/11/11 02:55:47.0013 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS 2010/11/11 02:55:47.0264 ALCXWDM (098a05b3dafb1244ada120b80758bda5) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2010/11/11 02:55:47.0504 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys 2010/11/11 02:55:47.0714 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2010/11/11 02:55:47.0945 ApfiltrService (d3da11b88ab29076b78ff79f35f0586b) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/11/11 02:55:48.0195 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2010/11/11 02:55:48.0646 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys 2010/11/11 02:55:48.0876 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/11/11 02:55:49.0096 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/11/11 02:55:49.0407 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2010/11/11 02:55:49.0617 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/11/11 02:55:49.0747 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/11/11 02:55:49.0987 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 2010/11/11 02:55:50.0288 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys 2010/11/11 02:55:50.0518 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2010/11/11 02:55:50.0729 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys 2010/11/11 02:55:50.0929 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/11/11 02:55:51.0079 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2010/11/11 02:55:51.0279 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 2010/11/11 02:55:51.0470 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2010/11/11 02:55:51.0680 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys 2010/11/11 02:55:51.0870 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2010/11/11 02:55:52.0010 caboagp (10d5fb74ee18ea49c30daaa203c0e0ec) C:\WINDOWS\system32\DRIVERS\atisgkaf.sys 2010/11/11 02:55:52.0271 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\WINDOWS\system32\DRIVERS\Camdrl.sys 2010/11/11 02:55:52.0471 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/11/11 02:55:52.0671 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/11/11 02:55:52.0902 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/11/11 02:55:53.0102 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/11/11 02:55:53.0312 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/11/11 02:55:53.0653 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/11/11 02:55:53.0773 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/11/11 02:55:54.0143 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/11/11 02:55:54.0384 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 2010/11/11 02:55:54.0574 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys 2010/11/11 02:55:54.0684 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 2010/11/11 02:55:54.0885 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/11/11 02:55:55.0055 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/11/11 02:55:55.0355 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/11/11 02:55:55.0626 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/11/11 02:55:55.0816 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/11/11 02:55:56.0146 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 2010/11/11 02:55:56.0357 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/11/11 02:55:56.0537 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2010/11/11 02:55:56.0737 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/11/11 02:55:56.0857 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/11/11 02:55:57.0088 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/11/11 02:55:57.0328 HidBth (7bd2de4c85eb4241eed57672b16a7d8d) C:\WINDOWS\system32\DRIVERS\hidbth.sys 2010/11/11 02:55:57.0558 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/11/11 02:55:57.0799 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2010/11/11 02:55:57.0989 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2010/11/11 02:55:58.0149 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2010/11/11 02:55:58.0249 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/11/11 02:55:58.0550 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/11/11 02:55:58.0750 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/11/11 02:55:58.0990 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/11/11 02:55:59.0161 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2010/11/11 02:55:59.0241 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/11/11 02:55:59.0431 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/11/11 02:55:59.0631 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/11/11 02:55:59.0822 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/11/11 02:56:00.0032 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/11/11 02:56:00.0112 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/11/11 02:56:00.0342 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/11/11 02:56:00.0392 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2010/11/11 02:56:00.0533 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/11/11 02:56:00.0733 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/11/11 02:56:01.0093 LEX_AS_NIC_SERVICE_YNOS (dd8bcb380aa2a8bca9fd613e3e2c23c0) C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 2010/11/11 02:56:01.0334 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\WINDOWS\system32\drivers\LVUSBSta.sys 2010/11/11 02:56:01.0584 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/11/11 02:56:01.0684 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 2010/11/11 02:56:01.0855 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/11/11 02:56:01.0945 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/11/11 02:56:02.0195 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/11/11 02:56:02.0335 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/11/11 02:56:02.0566 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/11/11 02:56:02.0806 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 2010/11/11 02:56:02.0876 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/11/11 02:56:03.0166 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/11/11 02:56:03.0397 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/11/11 02:56:03.0447 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/11/11 02:56:03.0637 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/11/11 02:56:03.0817 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/11/11 02:56:03.0897 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/11/11 02:56:04.0128 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/11/11 02:56:04.0348 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/11/11 02:56:04.0528 ndiscm (b797ee2ef919c95561dee78b72b33e5b) C:\WINDOWS\system32\DRIVERS\NetMotCM.sys 2010/11/11 02:56:04.0749 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/11/11 02:56:04.0799 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/11/11 02:56:04.0889 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/11/11 02:56:05.0239 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/11/11 02:56:05.0430 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/11/11 02:56:05.0490 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/11/11 02:56:05.0680 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/11/11 02:56:05.0810 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2010/11/11 02:56:06.0101 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/11/11 02:56:06.0211 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/11/11 02:56:06.0451 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/11/11 02:56:06.0551 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/11/11 02:56:06.0712 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/11/11 02:56:06.0802 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 2010/11/11 02:56:07.0022 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 2010/11/11 02:56:07.0202 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 2010/11/11 02:56:07.0312 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 2010/11/11 02:56:07.0523 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2010/11/11 02:56:07.0593 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 2010/11/11 02:56:07.0783 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/11/11 02:56:07.0893 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/11/11 02:56:08.0154 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/11/11 02:56:08.0484 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/11/11 02:56:09.0145 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/11/11 02:56:09.0345 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/11/11 02:56:09.0445 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/11/11 02:56:09.0836 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/11/11 02:56:09.0936 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/11/11 02:56:10.0227 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/11/11 02:56:10.0427 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/11/11 02:56:10.0537 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/11/11 02:56:10.0707 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/11/11 02:56:10.0827 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2010/11/11 02:56:11.0058 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/11/11 02:56:11.0258 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/11/11 02:56:11.0348 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2010/11/11 02:56:11.0548 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2010/11/11 02:56:11.0799 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys 2010/11/11 02:56:12.0049 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys 2010/11/11 02:56:12.0260 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys 2010/11/11 02:56:12.0480 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/11/11 02:56:12.0670 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 2010/11/11 02:56:12.0770 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/11/11 02:56:13.0081 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/11/11 02:56:13.0301 SNC (1a992c8136c015453e82041c35b299da) C:\WINDOWS\system32\DRIVERS\SonyNC.sys 2010/11/11 02:56:13.0451 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/11/11 02:56:13.0672 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/11/11 02:56:13.0882 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/11/11 02:56:14.0162 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/11/11 02:56:14.0383 STVqx3 (65ba7d9daca76f67bb5a62f3570c5fe5) C:\WINDOWS\system32\drivers\STVqx3.sys 2010/11/11 02:56:14.0573 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/11/11 02:56:14.0763 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/11/11 02:56:15.0164 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/11/11 02:56:15.0414 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/11/11 02:56:15.0624 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/11/11 02:56:15.0785 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/11/11 02:56:15.0885 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/11/11 02:56:16.0205 tifmsony (1a406b0a846fe7250e16e05813aef849) C:\WINDOWS\system32\drivers\tifmsony.sys 2010/11/11 02:56:16.0425 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/11/11 02:56:16.0716 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/11/11 02:56:16.0956 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2010/11/11 02:56:17.0157 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/11/11 02:56:17.0267 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/11/11 02:56:17.0447 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/11/11 02:56:17.0637 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2010/11/11 02:56:17.0747 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/11/11 02:56:17.0938 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/11/11 02:56:18.0178 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/11/11 02:56:18.0298 Suspicious service (NoAccess): vbmaf096 2010/11/11 02:56:18.0448 vbmaf096 - detected Locked service (1) 2010/11/11 02:56:18.0529 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/11/11 02:56:18.0759 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/11/11 02:56:18.0959 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/11/11 02:56:19.0079 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/11/11 02:56:19.0400 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/11/11 02:56:19.0510 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/11/11 02:56:19.0700 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/11/11 02:56:19.0890 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/11/11 02:56:20.0421 ================================================================================ 2010/11/11 02:56:20.0421 Scan finished 2010/11/11 02:56:20.0421 ================================================================================ 2010/11/11 02:56:20.0451 Detected object count: 1 2010/11/11 02:56:49.0864 HKLM\SYSTEM\ControlSet003\services\vbmaf096 - will be deleted after reboot 2010/11/11 02:56:49.0894 C:\WINDOWS\system32\drivers\vbmaf096.sys - will be deleted after reboot 2010/11/11 02:56:49.0894 Locked service(vbmaf096) - User select action: Delete -
For many years I have stuck with XP and cursed Vista - I even bought a new laptop and immediately converted from Vista to XP (not without a lot of driver hassle!). My father-in-law's new laptop came with Windows 7, and I swore I would hate it. After a couple of hours od messing about, deleting bloatware and installing AVG, I have to admit I was finding my way around easily, and it actually felt quite a positive experience! Am I finally going to convert to a new OS I wonder??
-
MBAM Runtime error 372 - help please
steve jones replied to steve jones's topic in Resolved Malware Removal Logs
Oops - sorry about that! -
Where can I download AVG Free 9.5?
steve jones replied to steve jones's topic in General Windows PC Help
Thanx for the advice Yardbird! As a matter of interest, Filehippo only seemed to offer the 2011 version, so I Googled 'Old AVG files' (I think it was that) and got a site which seemed to have old AVG's going back to AVG 8!. I got 9.0 no problem and it seems to work fine. Thanks again all.