Hi there,

I'm in a deep mess! I was infected by the System Fix virus and used the following and removed it (I think):

1. Combofix

2. FixTDSS

3. Malwarebytes

My desktop icons were still not showing and I used Unhide and Roguekiller.

However, I still seem to face some issues. My Start menu is not how it used to be and I have iexplore processes running even when I have not opened IE.

I have now resorted (at last!) to start afresh and followed the steps in "I'm infected - What do I do now?" and attached the log files.

Any help here is most appreciated!

Thnx in advance!

Regards,

Swapna

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27

Run by Swapna at 22:44:26 on 2011-11-27

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2036.1312 [GMT 5.5:30]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\PROGRA~1\Webshots\315~1.761\webshots.scr

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

C:\WINDOWS\system32\msdtc.exe

C:\WINDOWS\System32\alg.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.in/

uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [superCopier2.exe] c:\program files\supercopier2\SuperCopier2.exe

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet

uRun: [Google Update] "c:\documents and settings\swapna\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe

mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"

mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart

mRun: [Norton Ghost 14.0] "c:\program files\norton ghost\agent\VProTray.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [NSU_agent] "c:\program files\nokia\nokia software updater\nsu3ui_agent.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFQTEwtRVlINEEtN1k2VlItUTNQTTYtRkxRM1gtSQ"&"inst=NzYtOTgxODEwOTkyLVRCOSsxLUZMKzktWE8zNisxLVhPOSsxLUREVCswLVNUOTBGQVBQKzEtREQ5MEYrMS1GOTBNMTJEVCsxLVRCTisxLVU5NSsxLUY5MFVEKzEtU1

StartupFolder: c:\docume~1\swapna\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7617\Launcher.exe

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: download.com

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: c:\windows\system32\acaptuser32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OpfiljeZfalb.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\swapna\application data\mozilla\firefox\profiles\nsfazoxy.default\

FF - prefs.js: browser.startup.homepage - about:blank

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll

FF - plugin: c:\documents and settings\swapna\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\swapna\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\documents and settings\swapna\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\nokia\nokia pc suite 7\bkmrksync

FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-27 366152]

R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004-8-4 5120]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-27 22216]

R3 SymSnapService;SymSnapService;c:\program files\norton ghost\shared\drivers\SymSnapService.exe [2007-12-20 1553896]

R4 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys --> c:\windows\system32\drivers\avgfwdx.sys [?]

R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriver.sys --> c:\windows\system32\drivers\AVGIDSDriver.Sys [?]

R4 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\avgidseh.sys --> c:\windows\system32\drivers\AVGIDSEH.Sys [?]

R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilter.sys --> c:\windows\system32\drivers\AVGIDSFilter.Sys [?]

R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]

R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys --> c:\windows\system32\drivers\avgrkx86.sys [?]

R4 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys --> c:\windows\system32\drivers\avgtdix.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-8-24 137600]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-8-24 8576]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-11-27 16:27:41 -------- d-----w- c:\documents and settings\swapna\application data\Malwarebytes

2011-11-27 13:36:43 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-11-27 13:36:33 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-27 12:27:21 -------- d-sha-r- C:\cmdcons

2011-11-27 12:20:35 98816 ----a-w- c:\windows\sed.exe

2011-11-27 12:20:35 518144 ----a-w- c:\windows\SWREG.exe

2011-11-27 12:20:35 256000 ----a-w- c:\windows\PEV.exe

2011-11-27 12:20:35 208896 ----a-w- c:\windows\MBR.exe

2011-11-27 12:18:13 -------- d-----w- C:\123

2011-11-26 05:07:52 13824 ----a-w- c:\windows\system32\OpfiljeZfalb.dll

2011-11-21 15:00:25 274288 ----a-w- c:\windows\system32\mucltui.dll

2011-11-21 15:00:25 215920 ----a-w- c:\windows\system32\muweb.dll

2011-11-21 15:00:25 16736 ----a-w- c:\windows\system32\mucltui.dll.mui

2011-11-21 14:38:52 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2011-11-21 14:38:52 32656 ----a-w- c:\windows\system32\msonpmon.dll

2011-11-21 14:34:57 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2011-11-21 14:34:18 -------- d-----w- c:\documents and settings\swapna\local settings\application data\Microsoft Help

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-07 11:35:50 323624 ----a-w- c:\windows\system32\wiaaut.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 06:11:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 06:11:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 06:11:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-30 16:13:48 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-08-30 16:13:48 472808 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 22:44:52.34 ===============

mbam-log-2011-11-27 (22-43-42).txt

dds.txt

attach.zip

:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please go to http://www.virustotal.com/, click on Browse, and upload the following file for analysis:

c:\windows\system32\OpfiljeZfalb.dll

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for me to see.

If virustotal is too busy you can try these.

http://virusscan.jotti.org

http://www.kaspersky.com/scanforvirus.html

Hi, Thank you so much for replying! I am unable to open any website from the infected computer :( Was also unable to copy the file for upload to another system. Hence zipped it, uploaded it onto the required site and here are the results. Hope this helps.

___________________________________________________________________________________________________________________________________________

File name: OpfiljeZfalb.rar

Submission date: 2011-12-01 14:12:17 (UTC)

Current status: finished

Result: 19/ 43 (44.2%)

Antivirus Version Last Update Result

AhnLab-V3 2011.12.01.00 2011.12.01 Trojan/Win32.Agent

AntiVir 7.11.18.169 2011.12.01 TR/ATRAPS.Gen2

Antiy-AVL 2.0.3.7 2011.12.01 -

Avast 6.0.1289.0 2011.12.01 -

AVG 10.0.0.1190 2011.12.01 -

BitDefender 7.2 2011.12.01 Trojan.Generic.KDV.424568

ByteHero 1.0.0.1 2011.11.29 -

CAT-QuickHeal 12.00 2011.12.01 Trojan.Agent.gen

ClamAV 0.97.3.0 2011.12.01 -

Commtouch 5.3.2.6 2011.12.01 -

Comodo 10799 2011.12.01 UnclassifiedMalware

DrWeb 5.0.2.03300 2011.12.01 -

Emsisoft 5.1.0.11 2011.12.01 Backdoor.Win32.Agent!IK

eSafe 7.0.17.0 2011.11.30 -

eTrust-Vet 37.0.9597 2011.12.01 -

F-Prot 4.6.5.141 2011.11.29 -

F-Secure 9.0.16440.0 2011.12.01 Trojan.Generic.KDV.424568

Fortinet 4.3.388.0 2011.12.01 -

GData 22.292/22.544 2011.12.01 Trojan.Generic.KDV.424568

Ikarus T3.1.1.109.0 2011.12.01 Backdoor.Win32.Agent

Jiangmin 13.0.900 2011.11.30 -

VirusTotal - Free Online Virus, Malware and URL Scanner Page 1 of 3

http://www.virustotal.com/file-scan/report.html?id=61d1bd18ff6f42b84f1773b7180a4a968... 12/1/2011

K7AntiVirus 9.119.5570 2011.11.30 -

Kaspersky 9.0.0.837 2011.12.01 Trojan-Proxy.Win32.Agent.esw

McAfee 5.400.0.1158 2011.12.01 Generic FakeAlert!uq

McAfee-GW-Edition 2010.1D 2011.12.01 Generic FakeAlert!uq

Microsoft 1.7903 2011.12.01 -

NOD32 6668 2011.12.01 -

Norman 6.07.13 2011.12.01 -

nProtect 2011-12-01.01 2011.12.01 Gen:Variant.Kazy.45366

Panda 10.0.3.5 2011.11.30 Trj/CI.A

PCTools 8.0.0.5 2011.12.01 -

Prevx 3.0 2011.12.01 -

Rising 23.86.03.01 2011.12.01 -

Sophos 4.71.0 2011.12.01 Mal/Generic-L

SUPERAntiSpyware 4.40.0.1006 2011.12.01 -

Symantec 20111.2.0.82 2011.12.01 Trojan.FakeAV

TheHacker 6.7.0.1.352 2011.11.30 -

TrendMicro 9.500.0.1008 2011.12.01 TROJ_FAKEAV.GBF

TrendMicro-HouseCall 9.500.0.1008 2011.12.01 TROJ_FAKEAV.GBF

VBA32 3.12.16.4 2011.12.01 -

VIPRE 11187 2011.12.01 Trojan.Win32.Generic!BT

ViRobot 2011.12.1.4803 2011.12.01 -

VirusBuster 14.1.93.0 2011.11.30 -

MD5 : c3c2a63eb8f0427f39acd0c9812e31df

SHA1 : c6bcbd40caf380240024b350da0dedb1b8953052

SHA256: 61d1bd18ff6f42b84f1773b7180a4a9689390b9e8d41edc5c6256a6de2508d4e

P.S: I'm not very tech savvy. So in case I need to post the results any differently kindly let me know. Thanks a ton for all your help!

No I don't :( Any way to clean up other than a reinstall? The problem is I don't have my external hard disk till Monday and hence wouldn't be able to take a backup of my files either. I'm able to access all files as of now, but would it still be the case till Monday?

File deleted.

Download the tools needed to a flash drive or other USB device, and transfer them to the infected computer.

If the tool won't run from the desktop, try running it from the USB device.

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post the contents of the TDSSKiller log.

Also please describe how your computer behaves at the moment.

Hi, I took the tool from the link provided by you. Not sure if the version of this tool and the one in your screenshot is different. Initial scan returned no threats. I had to choose 'Change parameters' and select the following:

Verify driver digital signatures

Detect TDLFS file system

Now 4 threats detected but no cure option. Only options are

Skip

Copy to quarantine

Delete

Should I delete the files? Computer behaviour: Start menu seems like Windows 2003 menu - gray with minimal menu options; unable to open websites in IE, only IE available in start menu is with no add-ons. Quicklaunch toolbar missing. On USB insertion, no autoplay pops up.

Find report of TDSSKiller below:

21:40:45.0984 2532 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

21:40:46.0000 2532 ============================================================

21:40:46.0000 2532 Current date / time: 2011/12/01 21:40:46.0000

21:40:46.0000 2532 SystemInfo:

21:40:46.0000 2532

21:40:46.0000 2532 OS Version: 5.1.2600 ServicePack: 3.0

21:40:46.0000 2532 Product type: Workstation

21:40:46.0000 2532 ComputerName: JAIHOMEPC

21:40:46.0000 2532 UserName: Jai

21:40:46.0000 2532 Windows directory: C:\WINDOWS

21:40:46.0000 2532 System windows directory: C:\WINDOWS

21:40:46.0000 2532 Processor architecture: Intel x86

21:40:46.0000 2532 Number of processors: 2

21:40:46.0000 2532 Page size: 0x1000

21:40:46.0000 2532 Boot type: Normal boot

21:40:46.0000 2532 ============================================================

21:40:46.0828 2532 Initialize success

21:41:01.0671 2632 ============================================================

21:41:01.0671 2632 Scan started

21:41:01.0671 2632 Mode: Manual;

21:41:01.0671 2632 ============================================================

21:41:01.0859 2632 Abiosdsk - ok

21:41:01.0890 2632 abp480n5 - ok

21:41:01.0906 2632 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

21:41:01.0906 2632 ACPI - ok

21:41:01.0937 2632 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

21:41:01.0937 2632 ACPIEC - ok

21:41:01.0937 2632 adpu160m - ok

21:41:01.0968 2632 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

21:41:01.0968 2632 aec - ok

21:41:02.0000 2632 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

21:41:02.0000 2632 AFD - ok

21:41:02.0000 2632 Aha154x - ok

21:41:02.0015 2632 aic78u2 - ok

21:41:02.0015 2632 aic78xx - ok

21:41:02.0031 2632 AliIde - ok

21:41:02.0031 2632 amsint - ok

21:41:02.0046 2632 asc - ok

21:41:02.0046 2632 asc3350p - ok

21:41:02.0062 2632 asc3550 - ok

21:41:02.0078 2632 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

21:41:02.0078 2632 AsyncMac - ok

21:41:02.0078 2632 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

21:41:02.0078 2632 atapi - ok

21:41:02.0093 2632 Atdisk - ok

21:41:02.0109 2632 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

21:41:02.0109 2632 Atmarpc - ok

21:41:02.0125 2632 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

21:41:02.0125 2632 audstub - ok

21:41:02.0140 2632 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

21:41:02.0140 2632 Beep - ok

21:41:02.0156 2632 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS

21:41:02.0156 2632 BVRPMPR5 - ok

21:41:02.0171 2632 Cardex - ok

21:41:02.0203 2632 catchme - ok

21:41:02.0218 2632 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

21:41:02.0218 2632 cbidf2k - ok

21:41:02.0234 2632 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

21:41:02.0234 2632 CCDECODE - ok

21:41:02.0250 2632 cd20xrnt - ok

21:41:02.0265 2632 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

21:41:02.0265 2632 Cdaudio - ok

21:41:02.0265 2632 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

21:41:02.0265 2632 Cdfs - ok

21:41:02.0281 2632 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

21:41:02.0281 2632 Cdrom - ok

21:41:02.0296 2632 Changer - ok

21:41:02.0296 2632 CmdIde - ok

21:41:02.0312 2632 Cpqarray - ok

21:41:02.0328 2632 dac2w2k - ok

21:41:02.0328 2632 dac960nt - ok

21:41:02.0343 2632 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

21:41:02.0343 2632 Disk - ok

21:41:02.0359 2632 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

21:41:02.0375 2632 dmboot - ok

21:41:02.0375 2632 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

21:41:02.0390 2632 dmio - ok

21:41:02.0406 2632 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

21:41:02.0406 2632 dmload - ok

21:41:02.0421 2632 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

21:41:02.0421 2632 DMusic - ok

21:41:02.0453 2632 dpti2o - ok

21:41:02.0453 2632 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

21:41:02.0453 2632 drmkaud - ok

21:41:02.0500 2632 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

21:41:02.0500 2632 Fastfat - ok

21:41:02.0515 2632 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

21:41:02.0515 2632 Fdc - ok

21:41:02.0531 2632 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

21:41:02.0531 2632 Fips - ok

21:41:02.0546 2632 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

21:41:02.0546 2632 Flpydisk - ok

21:41:02.0578 2632 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

21:41:02.0578 2632 FltMgr - ok

21:41:02.0593 2632 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

21:41:02.0593 2632 Fs_Rec - ok

21:41:02.0625 2632 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

21:41:02.0625 2632 Ftdisk - ok

21:41:02.0656 2632 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

21:41:02.0656 2632 GEARAspiWDM - ok

21:41:02.0656 2632 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

21:41:02.0656 2632 Gpc - ok

21:41:02.0671 2632 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

21:41:02.0671 2632 HDAudBus - ok

21:41:02.0687 2632 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

21:41:02.0687 2632 hidusb - ok

21:41:02.0703 2632 hpn - ok

21:41:02.0734 2632 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

21:41:02.0734 2632 HTTP - ok

21:41:02.0734 2632 i2omgmt - ok

21:41:02.0750 2632 i2omp - ok

21:41:02.0765 2632 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

21:41:02.0765 2632 Imapi - ok

21:41:02.0781 2632 ini910u - ok

21:41:02.0875 2632 IntcAzAudAddService (b1a809e7fe19becd5aca61f0e7088c8c) C:\WINDOWS\system32\drivers\RtkHDAud.sys

21:41:05.0609 2632 ============================================================

21:41:05.0609 2632 Scan finished

21:41:05.0609 2632 ============================================================

21:41:05.0609 3544 Detected object count: 0

21:41:05.0609 3544 Actual detected object count: 0

21:42:01.0953 3748 ============================================================

21:42:01.0953 3748 Scan started

21:42:01.0953 3748 Mode: Manual; SigCheck; TDLFS;

21:42:01.0953 3748 ============================================================

21:42:03.0875 3748 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS

21:42:03.0890 3748 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

21:42:03.0890 3748 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

21:42:10.0171 3748 nvcap (281169c9bbb8a0d4f1df67f1af791148) C:\WINDOWS\system32\DRIVERS\nvcap.sys

21:42:10.0171 3748 nvcap ( UnsignedFile.Multi.Generic ) - warning

21:42:10.0171 3748 nvcap - detected UnsignedFile.Multi.Generic (1)

21:42:10.0203 3748 NVXBAR (8558d771e406487f200647a13a74472e) C:\WINDOWS\system32\DRIVERS\NVxbar.sys

21:42:10.0218 3748 NVXBAR ( UnsignedFile.Multi.Generic ) - warning

21:42:10.0218 3748 NVXBAR - detected UnsignedFile.Multi.Generic (1)

21:42:12.0156 3748 SCDEmu (16b1abe7f3e35f21dac57592b6c5d464) C:\WINDOWS\system32\drivers\SCDEmu.sys

21:42:12.0156 3748 SCDEmu ( UnsignedFile.Multi.Generic ) - warning

21:42:12.0156 3748 SCDEmu - detected UnsignedFile.Multi.Generic (1)


21:42:14.0078 3748 usbhub - ok

21:42:14.0093 3748 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys

21:42:14.0171 3748 usbser - ok

21:42:14.0187 3748 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

21:42:14.0218 3748 UsbserFilt - ok

21:42:14.0234 3748 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:42:14.0296 3748 USBSTOR - ok

21:42:14.0312 3748 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

21:42:14.0375 3748 usbuhci - ok

21:42:14.0406 3748 v2imount (b4d63048d6358e7c6ab61b98b8cff263) C:\WINDOWS\system32\DRIVERS\v2imount.sys

21:42:14.0406 3748 v2imount - ok

21:42:14.0421 3748 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

21:42:14.0484 3748 VgaSave - ok

21:42:14.0484 3748 ViaIde - ok

21:42:14.0500 3748 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

21:42:14.0562 3748 VolSnap - ok

21:42:14.0593 3748 VProEventMonitor (e78781b2c86c92a0a738df566460f716) C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys

21:42:14.0593 3748 VProEventMonitor - ok

21:42:14.0609 3748 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:42:14.0671 3748 Wanarp - ok

21:42:14.0718 3748 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

21:42:14.0718 3748 Wdf01000 - ok

21:42:14.0734 3748 WDICA - ok

21:42:14.0750 3748 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

21:42:14.0812 3748 wdmaud - ok

21:42:14.0843 3748 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys

21:42:14.0859 3748 WimFltr - ok

21:42:14.0906 3748 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

21:42:14.0937 3748 WpdUsb - ok

21:42:14.0953 3748 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

21:42:15.0031 3748 WSTCODEC - ok

21:42:15.0062 3748 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:42:15.0109 3748 WudfPf - ok

21:42:15.0125 3748 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:42:15.0140 3748 WudfRd - ok

21:42:15.0171 3748 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

21:42:15.0328 3748 \Device\Harddisk0\DR0 - ok

21:42:15.0328 3748 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR4

21:42:15.0437 3748 \Device\Harddisk1\DR4 - ok

21:42:15.0437 3748 Boot (0x1200) (e2807aa34a313c316471fbe21c5ef9b7) \Device\Harddisk0\DR0\Partition0

21:42:15.0453 3748 \Device\Harddisk0\DR0\Partition0 - ok

21:42:15.0453 3748 Boot (0x1200) (637a9999d3670f669210e77288c9aa7b) \Device\Harddisk0\DR0\Partition1

21:42:15.0453 3748 \Device\Harddisk0\DR0\Partition1 - ok

21:42:15.0468 3748 Boot (0x1200) (8f4bf7a6177fa1e3a812e6546b333cbf) \Device\Harddisk0\DR0\Partition2

21:42:15.0468 3748 \Device\Harddisk0\DR0\Partition2 - ok

21:42:15.0468 3748 Boot (0x1200) (dea1af4478e361146966ccfbf7bf5c57) \Device\Harddisk1\DR4\Partition0

21:42:15.0468 3748 \Device\Harddisk1\DR4\Partition0 - ok

21:42:15.0468 3748 ============================================================

21:42:15.0468 3748 Scan finished

21:42:15.0468 3748 ============================================================

21:42:15.0593 3576 Detected object count: 4

21:42:15.0593 3576 Actual detected object count: 4

21:42:36.0046 3576 C:\WINDOWS\system32\drivers\BVRPMPR5.SYS - copied to quarantine

21:42:36.0046 3576 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

21:42:36.0093 3576 C:\WINDOWS\system32\DRIVERS\nvcap.sys - copied to quarantine

21:42:36.0093 3576 nvcap ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

21:42:36.0125 3576 C:\WINDOWS\system32\DRIVERS\NVxbar.sys - copied to quarantine

21:42:36.0125 3576 NVXBAR ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

21:42:36.0156 3576 C:\WINDOWS\system32\drivers\SCDEmu.sys - copied to quarantine

21:42:36.0156 3576 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Quarantine


After running the unhide tool you may still be missing most of your start menu shortcuts… They can be found in a folder named smtmp inside:

(XP)- C:\Documents and Settings\Username\Local Settings\Temp

(W7)- C:\Users\Username\AppData\Local\Temp

Example:

%Temp%\smtmp\1 "%AllUsersProfile%\Start Menu"

%Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch"

%Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar"

%Temp%\smtmp\4 "%AllUsersProfile%\Desktop"

Also look in C:\windows\Temp

These will be there unless you have removed temp files / folders.

There might be three numbered folders inside the C:\Documents and Settings\Your User Name\Local Settings\Temp\smtmp folder. The folders will be numbered 1, 2 and 4.

Inside the 1 folder is a folder named “Programs.” This folder should be copied / pasted (using XP) to C:\Documents and Settings\All Users\Start Menu, which will already have a folder named Programs, but it is safe to overwrite it since Windows will replace the subfolders without creating duplicates.

Inside the 2 folder are the quick launch items specific for the user. Select ALL of these shortcuts and copy / paste to (using XP) C:\Documents and Settings\Your User Name\Application Data\Microsoft\Internet Explorer\Quick Launch.

Inside the 4 folder are the desktop items that should be copied to C:\Documents and Settings\All Users\Desktop.

Also have a look here.

http://www.coolnerds.com/XP/StartMenu/xpStartMenu.htm

Let me know if everything was there and how it's running now.
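
The restore steps from the post above, written out as an added example (not part of the original post or of any tool named in this thread). The function names, the constructed sample tree built in a temp directory, and the choice to skip files that already exist rather than overwrite them are assumptions of this example.

```python
import shutil
import tempfile
from pathlib import Path

def xp_targets(all_users: Path, user_profile: Path) -> dict:
    """Numbered smtmp folder -> destination, as listed in the post (XP layout)."""
    return {
        "1": all_users / "Start Menu",
        "2": user_profile / "Application Data" / "Microsoft"
             / "Internet Explorer" / "Quick Launch",
        "4": all_users / "Desktop",
    }

def restore_smtmp(smtmp: Path, targets: dict, dry_run: bool = True) -> list:
    """Merge each numbered folder into its destination.

    Existing files are left alone (a more cautious choice than the overwrite
    the post allows). Returns (relative source, action) pairs.
    """
    plan = []
    for number, dest_root in sorted(targets.items()):
        src_root = smtmp / number
        if not src_root.is_dir():
            continue  # not every numbered folder is present on every machine
        for src in sorted(p for p in src_root.rglob("*") if p.is_file()):
            dest = dest_root / src.relative_to(src_root)
            action = "skip-exists" if dest.exists() else "copy"
            plan.append((src.relative_to(smtmp).as_posix(), action))
            if action == "copy" and not dry_run:
                dest.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(src, dest)  # copy, so smtmp stays as a backup
    return plan

def demo():
    """Build a constructed profile tree in a temp dir and restore into it."""
    root = Path(tempfile.mkdtemp())
    smtmp = root / "Temp" / "smtmp"
    for rel in ("1/Programs/Accessories/Notepad.lnk", "2/Show Desktop.scf",
                "4/Reader.lnk"):
        (smtmp / rel).parent.mkdir(parents=True, exist_ok=True)
        (smtmp / rel).write_bytes(b"from smtmp")
    targets = xp_targets(root / "All Users", root / "User")
    targets["4"].mkdir(parents=True)
    (targets["4"] / "Reader.lnk").write_bytes(b"already there")
    return restore_smtmp(smtmp, targets, dry_run=False), targets

if __name__ == "__main__":
    for source, action in demo()[0]:
        print(f"{action:12} {source}")
```

Running it with `dry_run=True` first lists what would be copied without touching the profile folders.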


Hi Larry,

While I was away, my folks reformatted C drive alone, and reinstalled the OS. Also installed the latest version of antivirus and hence system's clean now! :) My comp's back to normal! Thank you SO much for taking the time and helping me out!!! Really appreciate the work you guys are doing out here!

You may close this thread :)

Danke,

Swapna


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.