psa188

Everything posted by psa188

  1. Did it. Here's the new TDSSKiller log:

     18:53:19.0125 1456 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
     18:53:20.0000 1456 ============================================================
     18:53:20.0000 1456 Current date / time: 2011/09/29 18:53:20.0000
     18:53:20.0000 1456 SystemInfo:
     18:53:20.0000 1456
     18:53:20.0000 1456 OS Version: 5.1.2600 ServicePack: 3.0
     18:53:20.0000 1456 Product type: Workstation
     18:53:20.0000 1456 ComputerName: LAPTOP
     18:53:20.0000 1456 UserName: Thanh 'Vivien'
     18:53:20.0000 1456 Windows directory: C:\WINDOWS
     18:53:20.0000 1456 System windows directory: C:\WINDOWS
     18:53:20.0000 1456 Processor architecture: Intel x86
     18:53:20.0000 1456 Number of processors: 1
     18:53:20.0000 1456 Page size: 0x1000
     18:53:20.0000 1456 Boot type: Safe boot with network
     18:53:20.0000 1456 ============================================================
     18:53:21.0593 1456 Initialize success
     18:53:24.0968 1768 ============================================================
     18:53:24.0968 1768 Scan started
     18:53:24.0968 1768 Mode: Manual;
     18:53:24.0968 1768 ============================================================
     18:53:26.0468 1768 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\WINDOWS\3203397148:3809022017.exe
     18:53:27.0437 1768 Suspicious file (Hidden): C:\WINDOWS\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b
     18:53:27.0437 1768 1cf6efbe ( HiddenFile.Multi.Generic ) - warning
     18:53:27.0437 1768 1cf6efbe - detected HiddenFile.Multi.Generic (1)

     18:53:52.0437 1768 ============================================================
     18:53:52.0437 1768 Scan finished
     18:53:52.0437 1768 ============================================================
     18:53:52.0453 0252 Detected object count: 1
     18:53:52.0453 0252 Actual detected object count: 1
     18:54:06.0984 0252 HKLM\SYSTEM\ControlSet002\services\1cf6efbe - will be deleted on reboot
     18:54:07.0015 0252 HKLM\SYSTEM\ControlSet003\services\1cf6efbe - will be deleted on reboot
     18:54:07.0031 0252 C:\WINDOWS\3203397148:3809022017.exe - will be deleted on reboot
     18:54:07.0031 0252 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Delete
     18:54:10.0687 1280 Deinitialize success

     Unfortunately, dds.scr continues
18:53:35.0640 1768 IntelIde - ok 18:53:35.0718 1768 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 18:53:35.0718 1768 intelppm - ok 18:53:35.0812 1768 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 18:53:35.0812 1768 Ip6Fw - ok 18:53:35.0921 1768 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 18:53:35.0921 1768 IpFilterDriver - ok 18:53:36.0046 1768 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 18:53:36.0046 1768 IpInIp - ok 18:53:36.0140 1768 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 18:53:36.0140 1768 IpNat - ok 18:53:36.0250 1768 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 18:53:36.0250 1768 IPSec - ok 18:53:36.0390 1768 IPVNMon (f60af0f89204a9177d110e3b2bd9fa0b) C:\WINDOWS\system32\drivers\IPVNMon.sys 18:53:36.0390 1768 IPVNMon - ok 18:53:36.0484 1768 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 18:53:36.0484 1768 IRENUM - ok 18:53:36.0609 1768 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 18:53:36.0609 1768 isapnp - ok 18:53:36.0750 1768 Iviaspi (cd8abfff1387e0f42cf6c6d7cdc19f0d) C:\WINDOWS\system32\drivers\iviaspi.sys 18:53:36.0765 1768 Iviaspi - ok 18:53:36.0859 1768 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 18:53:36.0859 1768 Kbdclass - ok 18:53:36.0921 1768 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 18:53:36.0921 1768 kbdhid - ok 18:53:37.0031 1768 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 18:53:37.0046 1768 kmixer - ok 18:53:37.0140 1768 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 18:53:37.0140 1768 KSecDD - ok 18:53:37.0312 1768 Lbd (713cd5267abfb86fe90a72e384e82a38) C:\WINDOWS\system32\DRIVERS\Lbd.sys 
18:53:37.0312 1768 Lbd - ok 18:53:37.0406 1768 lbrtfdc - ok 18:53:37.0640 1768 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys 18:53:37.0640 1768 MDC8021X - ok 18:53:37.0734 1768 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 18:53:37.0734 1768 mdmxsdk - ok 18:53:37.0843 1768 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\WINDOWS\system32\drivers\mfeapfk.sys 18:53:37.0843 1768 mfeapfk - ok 18:53:37.0953 1768 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\WINDOWS\system32\drivers\mfeavfk.sys 18:53:37.0953 1768 mfeavfk - ok 18:53:38.0031 1768 mfebopk (a528b15e330edb83ea649be318d841d5) C:\WINDOWS\system32\drivers\mfebopk.sys 18:53:38.0031 1768 mfebopk - ok 18:53:38.0203 1768 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\WINDOWS\system32\drivers\mfefirek.sys 18:53:38.0203 1768 mfefirek - ok 18:53:38.0281 1768 mfehidk (5e9679bb2fc4fa38ec8ca906c47acd46) C:\WINDOWS\system32\drivers\mfehidk.sys 18:53:38.0296 1768 mfehidk - ok 18:53:38.0453 1768 mfendisk (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 18:53:38.0453 1768 mfendisk - ok 18:53:38.0468 1768 mfendiskmp (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 18:53:38.0468 1768 mfendiskmp - ok 18:53:38.0609 1768 mferkdet (ce1711f7c3f72f6762abd241dcfd5ee1) C:\WINDOWS\system32\drivers\mferkdet.sys 18:53:38.0609 1768 mferkdet - ok 18:53:38.0703 1768 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys 18:53:38.0703 1768 mferkdk - ok 18:53:38.0890 1768 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys 18:53:38.0890 1768 mfesmfk - ok 18:53:38.0984 1768 mfetdi2k (25e12c68b49a64ffc873603dfd578236) C:\WINDOWS\system32\drivers\mfetdi2k.sys 18:53:38.0984 1768 mfetdi2k - ok 18:53:39.0156 1768 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 18:53:39.0156 1768 mnmdd - ok 18:53:39.0265 1768 Modem 
(dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 18:53:39.0265 1768 Modem - ok 18:53:39.0375 1768 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 18:53:39.0375 1768 Mouclass - ok 18:53:39.0515 1768 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 18:53:39.0515 1768 mouhid - ok 18:53:39.0593 1768 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 18:53:39.0593 1768 MountMgr - ok 18:53:39.0656 1768 mraid35x - ok 18:53:39.0734 1768 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 18:53:39.0734 1768 MRxDAV - ok 18:53:39.0875 1768 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 18:53:39.0890 1768 MRxSmb - ok 18:53:40.0031 1768 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 18:53:40.0046 1768 Msfs - ok 18:53:40.0203 1768 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 18:53:40.0203 1768 MSKSSRV - ok 18:53:40.0312 1768 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 18:53:40.0312 1768 MSPCLOCK - ok 18:53:40.0406 1768 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 18:53:40.0406 1768 MSPQM - ok 18:53:40.0484 1768 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 18:53:40.0484 1768 mssmbios - ok 18:53:40.0593 1768 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 18:53:40.0609 1768 Mup - ok 18:53:40.0671 1768 NAVAP - ok 18:53:40.0687 1768 NAVAPEL - ok 18:53:40.0781 1768 NAVENG - ok 18:53:40.0796 1768 NAVEX15 - ok 18:53:40.0984 1768 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 18:53:40.0984 1768 NDIS - ok 18:53:41.0109 1768 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 18:53:41.0109 1768 NdisTapi - ok 18:53:41.0156 1768 Ndisuio 
(f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 18:53:41.0156 1768 Ndisuio - ok 18:53:41.0234 1768 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:53:41.0234 1768 NdisWan - ok 18:53:41.0375 1768 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 18:53:41.0375 1768 NDProxy - ok 18:53:41.0437 1768 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 18:53:41.0437 1768 NetBIOS - ok 18:53:41.0640 1768 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 18:53:41.0640 1768 NetBT - ok 18:53:41.0750 1768 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 18:53:41.0750 1768 NIC1394 - ok 18:53:41.0843 1768 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 18:53:41.0843 1768 Npfs - ok 18:53:41.0921 1768 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 18:53:41.0937 1768 Ntfs - ok 18:53:42.0046 1768 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 18:53:42.0062 1768 Null - ok 18:53:42.0156 1768 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 18:53:42.0156 1768 NwlnkFlt - ok 18:53:42.0343 1768 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 18:53:42.0359 1768 NwlnkFwd - ok 18:53:42.0468 1768 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 18:53:42.0468 1768 ohci1394 - ok 18:53:42.0578 1768 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys 18:53:42.0593 1768 Parport - ok 18:53:42.0671 1768 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 18:53:42.0671 1768 PartMgr - ok 18:53:42.0765 1768 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 18:53:42.0765 1768 ParVdm - ok 18:53:42.0828 1768 PCI 
(a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 18:53:42.0828 1768 PCI - ok 18:53:42.0984 1768 PCIDump - ok 18:53:43.0078 1768 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 18:53:43.0078 1768 PCIIde - ok 18:53:43.0187 1768 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 18:53:43.0187 1768 Pcmcia - ok 18:53:43.0250 1768 PDCOMP - ok 18:53:43.0359 1768 PDFRAME - ok 18:53:43.0421 1768 PDRELI - ok 18:53:43.0500 1768 PDRFRAME - ok 18:53:43.0640 1768 perc2 - ok 18:53:43.0718 1768 perc2hib - ok 18:53:43.0859 1768 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys 18:53:43.0859 1768 Pfc - ok 18:53:43.0968 1768 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 18:53:43.0968 1768 PptpMiniport - ok 18:53:44.0062 1768 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 18:53:44.0062 1768 PSched - ok 18:53:44.0203 1768 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 18:53:44.0203 1768 Ptilink - ok 18:53:44.0406 1768 PxHelp20 (d7e32c33c08ccdbd21d47d291f30d35b) C:\WINDOWS\system32\Drivers\PxHelp20.sys 18:53:44.0406 1768 PxHelp20 - ok 18:53:44.0468 1768 ql1080 - ok 18:53:44.0531 1768 Ql10wnt - ok 18:53:44.0593 1768 ql12160 - ok 18:53:44.0656 1768 ql1240 - ok 18:53:44.0734 1768 ql1280 - ok 18:53:44.0828 1768 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 18:53:44.0828 1768 RasAcd - ok 18:53:44.0984 1768 Rasirda - ok 18:53:45.0093 1768 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 18:53:45.0093 1768 Rasl2tp - ok 18:53:45.0171 1768 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 18:53:45.0171 1768 RasPppoe - ok 18:53:45.0250 1768 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 18:53:45.0250 1768 Raspti - ok 18:53:45.0343 1768 Rdbss 
(7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 18:53:45.0359 1768 Rdbss - ok 18:53:45.0468 1768 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 18:53:45.0468 1768 RDPCDD - ok 18:53:45.0671 1768 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 18:53:45.0687 1768 RDPWD - ok 18:53:45.0812 1768 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 18:53:45.0812 1768 redbook - ok 18:53:46.0000 1768 RegFilter (3bc05ec17f0a2bf4f141cb3d3390515e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys 18:53:46.0000 1768 RegFilter - ok 18:53:46.0156 1768 RTL8023xp (1e7978c5e355407efdfc7b7328ef13e7) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 18:53:46.0171 1768 RTL8023xp - ok 18:53:46.0296 1768 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 18:53:46.0296 1768 sdbus - ok 18:53:46.0390 1768 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 18:53:46.0390 1768 Secdrv - ok 18:53:46.0546 1768 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 18:53:46.0562 1768 serenum - ok 18:53:46.0671 1768 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 18:53:46.0671 1768 Serial - ok 18:53:46.0812 1768 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 18:53:46.0812 1768 Sfloppy - ok 18:53:46.0890 1768 Simbad - ok 18:53:46.0984 1768 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys 18:53:47.0000 1768 SMCIRDA - ok 18:53:47.0093 1768 Sparrow - ok 18:53:47.0265 1768 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 18:53:47.0265 1768 splitter - ok 18:53:47.0406 1768 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 18:53:47.0406 1768 sr - ok 18:53:47.0531 1768 Srv (47ddfc2f003f7f9f0592c6874962a2e7) 
C:\WINDOWS\system32\DRIVERS\srv.sys 18:53:47.0531 1768 Srv - ok 18:53:47.0609 1768 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 18:53:47.0609 1768 swenum - ok 18:53:47.0671 1768 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 18:53:47.0671 1768 swmidi - ok 18:53:47.0781 1768 symc810 - ok 18:53:47.0921 1768 symc8xx - ok 18:53:48.0046 1768 symlcbrd (6596892dd5abbe48f5876a551867a166) C:\WINDOWS\system32\drivers\symlcbrd.sys 18:53:48.0046 1768 symlcbrd - ok 18:53:48.0109 1768 sym_hi - ok 18:53:48.0171 1768 sym_u3 - ok 18:53:48.0296 1768 SynTP (1a8e6b04907687a8eed75c8031b679fd) C:\WINDOWS\system32\DRIVERS\SynTP.sys 18:53:48.0296 1768 SynTP - ok 18:53:48.0421 1768 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 18:53:48.0421 1768 sysaudio - ok 18:53:48.0625 1768 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 18:53:48.0625 1768 Tcpip - ok 18:53:48.0718 1768 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 18:53:48.0718 1768 TDPIPE - ok 18:53:48.0812 1768 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 18:53:48.0812 1768 TDTCP - ok 18:53:48.0875 1768 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 18:53:48.0890 1768 TermDD - ok 18:53:49.0000 1768 tifm21 (89cc1e54f1425829894401e604170c5a) C:\WINDOWS\system32\drivers\tifm21.sys 18:53:49.0000 1768 tifm21 - ok 18:53:49.0078 1768 TosIde - ok 18:53:49.0281 1768 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 18:53:49.0296 1768 Udfs - ok 18:53:49.0375 1768 ultra - ok 18:53:49.0468 1768 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 18:53:49.0484 1768 Update - ok 18:53:49.0687 1768 UrlFilter (6a65cd6761337d339001959232233f0d) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys 18:53:49.0687 1768 UrlFilter - ok 
18:53:49.0765 1768 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 18:53:49.0781 1768 usbccgp - ok 18:53:49.0859 1768 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 18:53:49.0859 1768 usbehci - ok 18:53:50.0046 1768 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 18:53:50.0046 1768 usbhub - ok 18:53:50.0093 1768 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 18:53:50.0093 1768 usbprint - ok 18:53:50.0171 1768 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 18:53:50.0171 1768 usbscan - ok 18:53:50.0250 1768 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 18:53:50.0250 1768 USBSTOR - ok 18:53:50.0359 1768 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 18:53:50.0359 1768 usbuhci - ok 18:53:50.0421 1768 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 18:53:50.0437 1768 VgaSave - ok 18:53:50.0609 1768 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 18:53:50.0609 1768 ViaIde - ok 18:53:50.0687 1768 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 18:53:50.0687 1768 VolSnap - ok 18:53:50.0890 1768 w29n51 (960ce9b896750cc02fe5f1103cc23460) C:\WINDOWS\system32\DRIVERS\w29n51.sys 18:53:50.0953 1768 w29n51 - ok 18:53:51.0031 1768 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:53:51.0031 1768 Wanarp - ok 18:53:51.0125 1768 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 18:53:51.0140 1768 Wdf01000 - ok 18:53:51.0281 1768 WDICA - ok 18:53:51.0421 1768 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 18:53:51.0421 1768 wdmaud - ok 18:53:51.0562 1768 winachsf (2a8c145e9e9e63b0071da4f35544ab9d) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 
18:53:51.0578 1768 winachsf - ok 18:53:51.0765 1768 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 18:53:51.0765 1768 WmiAcpi - ok 18:53:51.0906 1768 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 18:53:51.0906 1768 WS2IFSL - ok 18:53:52.0109 1768 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 18:53:52.0109 1768 WudfPf - ok 18:53:52.0203 1768 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 18:53:52.0203 1768 WudfRd - ok 18:53:52.0296 1768 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0 18:53:52.0406 1768 \Device\Harddisk0\DR0 - ok 18:53:52.0421 1768 Boot (0x1200) (0c7a192f1bec12248432b518ac27bc15) \Device\Harddisk0\DR0\Partition0 18:53:52.0421 1768 \Device\Harddisk0\DR0\Partition0 - ok 18:53:52.0437 1768 ============================================================ 18:53:52.0437 1768 Scan finished 18:53:52.0437 1768 ============================================================ 18:53:52.0453 0252 Detected object count: 1 18:53:52.0453 0252 Actual detected object count: 1 18:54:06.0984 0252 HKLM\SYSTEM\ControlSet002\services\1cf6efbe - will be deleted on reboot 18:54:07.0015 0252 HKLM\SYSTEM\ControlSet003\services\1cf6efbe - will be deleted on reboot 18:54:07.0031 0252 C:\WINDOWS\3203397148:3809022017.exe - will be deleted on reboot 18:54:07.0031 0252 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Delete 18:54:10.0687 1280 Deinitialize success Unfortunately, the dds.scr continues to freeze my machine, requiring a power-off restart.
  2. Following up, my computer keeps freezing during the DDS scan. I get a row of around 54 "#s" then it freezes. I'm in safe mode with networking as well.
  3. Thanks. The TDSSKiller log is here:
0184 PCIDump - ok 19:34:55.0171 0184 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 19:34:55.0171 0184 PCIIde - ok 19:34:55.0296 0184 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 19:34:55.0296 0184 Pcmcia - ok 19:34:55.0359 0184 PDCOMP - ok 19:34:55.0437 0184 PDFRAME - ok 19:34:55.0500 0184 PDRELI - ok 19:34:55.0671 0184 PDRFRAME - ok 19:34:55.0734 0184 perc2 - ok 19:34:55.0796 0184 perc2hib - ok 19:34:55.0937 0184 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys 19:34:55.0937 0184 Pfc - ok 19:34:56.0062 0184 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:34:56.0062 0184 PptpMiniport - ok 19:34:56.0156 0184 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 19:34:56.0156 0184 PSched - ok 19:34:56.0359 0184 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:34:56.0359 0184 Ptilink - ok 19:34:56.0515 0184 PxHelp20 (d7e32c33c08ccdbd21d47d291f30d35b) C:\WINDOWS\system32\Drivers\PxHelp20.sys 19:34:56.0515 0184 PxHelp20 - ok 19:34:56.0562 0184 ql1080 - ok 19:34:56.0640 0184 Ql10wnt - ok 19:34:56.0703 0184 ql12160 - ok 19:34:56.0765 0184 ql1240 - ok 19:34:56.0937 0184 ql1280 - ok 19:34:57.0031 0184 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:34:57.0031 0184 RasAcd - ok 19:34:57.0109 0184 Rasirda - ok 19:34:57.0218 0184 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:34:57.0218 0184 Rasl2tp - ok 19:34:57.0296 0184 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:34:57.0296 0184 RasPppoe - ok 19:34:57.0375 0184 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 19:34:57.0375 0184 Raspti - ok 19:34:57.0562 0184 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:34:57.0578 0184 Rdbss - ok 
19:34:57.0671 0184 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:34:57.0687 0184 RDPCDD - ok 19:34:57.0812 0184 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 19:34:57.0812 0184 RDPWD - ok 19:34:57.0937 0184 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 19:34:57.0937 0184 redbook - ok 19:34:58.0125 0184 RegFilter (3bc05ec17f0a2bf4f141cb3d3390515e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys 19:34:58.0125 0184 RegFilter - ok 19:34:58.0359 0184 RTL8023xp (1e7978c5e355407efdfc7b7328ef13e7) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 19:34:58.0359 0184 RTL8023xp - ok 19:34:58.0468 0184 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 19:34:58.0468 0184 sdbus - ok 19:34:58.0546 0184 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:34:58.0546 0184 Secdrv - ok 19:34:58.0656 0184 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 19:34:58.0656 0184 serenum - ok 19:34:58.0765 0184 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 19:34:58.0765 0184 Serial - ok 19:34:58.0921 0184 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 19:34:58.0937 0184 Sfloppy - ok 19:34:59.0093 0184 Simbad - ok 19:34:59.0203 0184 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys 19:34:59.0203 0184 SMCIRDA - ok 19:34:59.0281 0184 Sparrow - ok 19:34:59.0359 0184 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 19:34:59.0359 0184 splitter - ok 19:34:59.0515 0184 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 19:34:59.0515 0184 sr - ok 19:34:59.0656 0184 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 19:34:59.0656 0184 Srv - ok 19:34:59.0828 0184 swenum (3941d127aef12e93addf6fe6ee027e0f) 
C:\WINDOWS\system32\DRIVERS\swenum.sys 19:34:59.0828 0184 swenum - ok 19:34:59.0890 0184 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 19:34:59.0890 0184 swmidi - ok 19:34:59.0968 0184 symc810 - ok 19:35:00.0109 0184 symc8xx - ok 19:35:00.0203 0184 symlcbrd (6596892dd5abbe48f5876a551867a166) C:\WINDOWS\system32\drivers\symlcbrd.sys 19:35:00.0203 0184 symlcbrd - ok 19:35:00.0250 0184 sym_hi - ok 19:35:00.0328 0184 sym_u3 - ok 19:35:00.0500 0184 SynTP (1a8e6b04907687a8eed75c8031b679fd) C:\WINDOWS\system32\DRIVERS\SynTP.sys 19:35:00.0500 0184 SynTP - ok 19:35:00.0593 0184 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 19:35:00.0593 0184 sysaudio - ok 19:35:00.0687 0184 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:35:00.0703 0184 Tcpip - ok 19:35:00.0765 0184 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 19:35:00.0765 0184 TDPIPE - ok 19:35:00.0843 0184 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 19:35:00.0843 0184 TDTCP - ok 19:35:00.0937 0184 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 19:35:00.0937 0184 TermDD - ok 19:35:01.0125 0184 tifm21 (89cc1e54f1425829894401e604170c5a) C:\WINDOWS\system32\drivers\tifm21.sys 19:35:01.0140 0184 tifm21 - ok 19:35:01.0187 0184 TosIde - ok 19:35:01.0281 0184 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 19:35:01.0281 0184 Udfs - ok 19:35:01.0343 0184 ultra - ok 19:35:01.0468 0184 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 19:35:01.0468 0184 Update - ok 19:35:01.0656 0184 UrlFilter (6a65cd6761337d339001959232233f0d) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys 19:35:01.0656 0184 UrlFilter - ok 19:35:01.0796 0184 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 19:35:01.0796 0184 usbccgp - 
ok 19:35:01.0859 0184 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:35:01.0875 0184 usbehci - ok 19:35:01.0953 0184 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:35:01.0953 0184 usbhub - ok 19:35:02.0015 0184 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 19:35:02.0015 0184 usbprint - ok 19:35:02.0078 0184 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:35:02.0078 0184 usbscan - ok 19:35:02.0187 0184 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:35:02.0187 0184 USBSTOR - ok 19:35:02.0312 0184 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 19:35:02.0312 0184 usbuhci - ok 19:35:02.0375 0184 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 19:35:02.0375 0184 VgaSave - ok 19:35:02.0453 0184 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 19:35:02.0468 0184 ViaIde - ok 19:35:02.0546 0184 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 19:35:02.0546 0184 VolSnap - ok 19:35:02.0734 0184 w29n51 (960ce9b896750cc02fe5f1103cc23460) C:\WINDOWS\system32\DRIVERS\w29n51.sys 19:35:02.0812 0184 w29n51 - ok 19:35:02.0984 0184 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:35:02.0984 0184 Wanarp - ok 19:35:03.0093 0184 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 19:35:03.0109 0184 Wdf01000 - ok 19:35:03.0171 0184 WDICA - ok 19:35:03.0265 0184 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 19:35:03.0265 0184 wdmaud - ok 19:35:03.0375 0184 winachsf (2a8c145e9e9e63b0071da4f35544ab9d) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 19:35:03.0390 0184 winachsf - ok 19:35:03.0500 0184 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) 
C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 19:35:03.0500 0184 WmiAcpi - ok 19:35:03.0718 0184 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 19:35:03.0734 0184 WS2IFSL - ok 19:35:03.0828 0184 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:35:03.0828 0184 WudfPf - ok 19:35:03.0906 0184 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:35:03.0906 0184 WudfRd - ok 19:35:03.0968 0184 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0 19:35:04.0062 0184 \Device\Harddisk0\DR0 - ok 19:35:04.0062 0184 Boot (0x1200) (0c7a192f1bec12248432b518ac27bc15) \Device\Harddisk0\DR0\Partition0 19:35:04.0062 0184 \Device\Harddisk0\DR0\Partition0 - ok 19:35:04.0062 0184 ============================================================ 19:35:04.0062 0184 Scan finished 19:35:04.0062 0184 ============================================================ 19:35:04.0078 1732 Detected object count: 2 19:35:04.0078 1732 Actual detected object count: 2 19:36:02.0656 1732 C:\WINDOWS\3203397148:3809022017.exe - copied to quarantine 19:36:02.0656 1732 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Quarantine 19:36:03.0937 1732 Backup copy found, using it.. 19:36:03.0984 1732 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured on reboot 19:36:03.0984 1732 MRxSmb ( Rootkit.Win32.ZAccess.e ) - User select action: Cure 19:36:33.0468 2024 Deinitialize success During the DDS scan, my computer froze twice. I will keep trying and will post the log when it runs.
  4. Good evening: I have this google redirect/Malwarebytes gets terminated problem that everyone seems to be referring to. I tried doing the various steps here: http://forums.malwarebytes.org/index.php?showtopic=85715 but to no avail. I ran hijackthis and got the following log:
     Can you provide assistance? Thanks in advance.