
ping redirects in google


mbsusa


After reading about similar problems from the forum, I ran TDSSKILLER as instructed, then OTL, then ran ComboFix and it found a Rootkit.zero virus, was able to remove it. Then reran MBAM and it came up clean. Here are the logs, please see if there is anything else I need to do to make sure I am free of malware now. The computer was redirecting me to other websites and kept trying to contact other servers in Germany and Europe. Haven't seen any more attempts at redirecting yet nor trying to contact the other servers.

10:40:15.0875 4656 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

10:40:17.0890 4656 ============================================================

10:40:17.0890 4656 Current date / time: 2011/12/07 10:40:17.0890

10:40:17.0890 4656 SystemInfo:

10:40:17.0890 4656

10:40:17.0890 4656 OS Version: 5.1.2600 ServicePack: 3.0

10:40:17.0890 4656 Product type: Workstation

10:40:17.0890 4656 ComputerName: OFFICE

10:40:17.0890 4656 UserName: Siena

10:40:17.0890 4656 Windows directory: C:\WINDOWS

10:40:17.0890 4656 System windows directory: C:\WINDOWS

10:40:17.0890 4656 Processor architecture: Intel x86

10:40:17.0890 4656 Number of processors: 1

10:40:17.0890 4656 Page size: 0x1000

10:40:17.0890 4656 Boot type: Normal boot

10:40:17.0890 4656 ============================================================

10:40:19.0296 4656 Initialize success

10:40:43.0875 4228 ============================================================

10:40:43.0875 4228 Scan started

10:40:43.0875 4228 Mode: Manual; SigCheck; TDLFS;

10:40:43.0875 4228 ============================================================

10:40:45.0437 4228 a320raid (ce91060555920221df0ad2b4e16ffd3e) C:\WINDOWS\system32\drivers\a320raid.sys

10:40:46.0796 4228 a320raid - ok

10:40:46.0890 4228 aarich (cbc2f80f0c6da201886b0fb61901c241) C:\WINDOWS\system32\DRIVERS\aarich.sys

10:40:46.0968 4228 aarich - ok

10:40:47.0000 4228 Abiosdsk - ok

10:40:47.0031 4228 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

10:40:47.0734 4228 abp480n5 - ok

10:40:47.0796 4228 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

10:40:48.0015 4228 ACPI - ok

10:40:48.0078 4228 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

10:40:48.0218 4228 ACPIEC - ok

10:40:48.0296 4228 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

10:40:48.0437 4228 adpu160m - ok

10:40:48.0609 4228 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys

10:40:48.0640 4228 aeaudio - ok

10:40:48.0687 4228 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

10:40:48.0843 4228 aec - ok

10:40:48.0890 4228 AFAmgt (709043d03a10e4b91e17488b5c2f9b15) C:\WINDOWS\system32\drivers\AFAmgt.sys

10:40:48.0984 4228 AFAmgt ( UnsignedFile.Multi.Generic ) - warning

10:40:48.0984 4228 AFAmgt - detected UnsignedFile.Multi.Generic (1)

10:40:49.0031 4228 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

10:40:49.0078 4228 AFD - ok

10:40:49.0156 4228 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

10:40:49.0296 4228 agp440 - ok

10:40:49.0359 4228 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

10:40:49.0500 4228 agpCPQ - ok

10:40:49.0593 4228 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

10:40:49.0656 4228 Aha154x - ok

10:40:49.0734 4228 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

10:40:49.0890 4228 aic78u2 - ok

10:40:49.0937 4228 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

10:40:50.0078 4228 aic78xx - ok

10:40:50.0140 4228 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

10:40:50.0281 4228 AliIde - ok

10:40:50.0328 4228 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

10:40:50.0484 4228 alim1541 - ok

10:40:50.0531 4228 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

10:40:50.0687 4228 amdagp - ok

10:40:50.0750 4228 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

10:40:50.0828 4228 amsint - ok

10:40:50.0859 4228 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

10:40:51.0015 4228 Arp1394 - ok

10:40:51.0046 4228 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

10:40:51.0187 4228 asc - ok

10:40:51.0218 4228 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

10:40:51.0296 4228 asc3350p - ok

10:40:51.0328 4228 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

10:40:51.0484 4228 asc3550 - ok

10:40:51.0531 4228 AsfAlrt (e301dd2b6cced65e0537ceaee8f954b6) C:\WINDOWS\system32\drivers\AsfAlrt.sys

10:40:51.0546 4228 AsfAlrt ( UnsignedFile.Multi.Generic ) - warning

10:40:51.0546 4228 AsfAlrt - detected UnsignedFile.Multi.Generic (1)

10:40:51.0625 4228 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

10:40:51.0765 4228 AsyncMac - ok

10:40:51.0812 4228 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

10:40:51.0968 4228 atapi - ok

10:40:52.0000 4228 Atdisk - ok

10:40:52.0031 4228 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

10:40:52.0187 4228 Atmarpc - ok

10:40:52.0234 4228 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

10:40:52.0375 4228 audstub - ok

10:40:52.0437 4228 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

10:40:52.0593 4228 Beep - ok

10:40:52.0687 4228 bvrp_pci (c945dc4eee3f624dfd07788ea7f0db0a) C:\WINDOWS\system32\drivers\bvrp_pci.sys

10:40:52.0781 4228 bvrp_pci ( UnsignedFile.Multi.Generic ) - warning

10:40:52.0781 4228 bvrp_pci - detected UnsignedFile.Multi.Generic (1)

10:40:52.0843 4228 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

10:40:53.0000 4228 cbidf - ok

10:40:53.0031 4228 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

10:40:53.0281 4228 cbidf2k - ok

10:40:53.0343 4228 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

10:40:53.0500 4228 CCDECODE - ok

10:40:53.0562 4228 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

10:40:53.0640 4228 cd20xrnt - ok

10:40:53.0703 4228 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

10:40:53.0843 4228 Cdaudio - ok

10:40:53.0906 4228 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

10:40:54.0062 4228 Cdfs - ok

10:40:54.0140 4228 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

10:40:54.0281 4228 Cdrom - ok

10:40:54.0328 4228 cfwids (7fd604cd7a7a0ff8975af61bdf64c577) C:\WINDOWS\system32\drivers\cfwids.sys

10:40:54.0375 4228 cfwids - ok

10:40:54.0406 4228 Changer - ok

10:40:54.0453 4228 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

10:40:54.0625 4228 CmdIde - ok

10:40:54.0687 4228 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

10:40:54.0828 4228 Cpqarray - ok

10:40:54.0921 4228 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

10:40:55.0078 4228 dac2w2k - ok

10:40:55.0109 4228 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

10:40:55.0250 4228 dac960nt - ok

10:40:55.0296 4228 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

10:40:55.0453 4228 Disk - ok

10:40:55.0546 4228 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

10:40:55.0734 4228 dmboot - ok

10:40:55.0812 4228 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

10:40:55.0953 4228 dmio - ok

10:40:55.0984 4228 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

10:40:56.0140 4228 dmload - ok

10:40:56.0171 4228 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

10:40:56.0328 4228 DMusic - ok

10:40:56.0390 4228 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

10:40:56.0531 4228 dpti2o - ok

10:40:56.0609 4228 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

10:40:56.0765 4228 drmkaud - ok

10:40:56.0828 4228 E1000 (bb98a47faf8b6a99202290c1e7d49d36) C:\WINDOWS\system32\DRIVERS\e1000325.sys

10:40:56.0859 4228 E1000 - ok

10:40:56.0906 4228 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys

10:40:57.0062 4228 E100B - ok

10:40:57.0125 4228 Eplpdx02 (f9472131367d39435d750f5fa3d23582) C:\WINDOWS\system32\Drivers\EPLPDX02.SYS

10:40:57.0140 4228 Eplpdx02 ( UnsignedFile.Multi.Generic ) - warning

10:40:57.0140 4228 Eplpdx02 - detected UnsignedFile.Multi.Generic (1)

10:40:57.0218 4228 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

10:40:57.0375 4228 Fastfat - ok

10:40:57.0437 4228 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

10:40:57.0578 4228 Fdc - ok

10:40:57.0625 4228 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

10:40:57.0796 4228 Fips - ok

10:40:57.0828 4228 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

10:40:57.0984 4228 Flpydisk - ok

10:40:58.0031 4228 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

10:40:58.0203 4228 FltMgr - ok

10:40:58.0265 4228 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

10:40:58.0421 4228 Fs_Rec - ok

10:40:58.0484 4228 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

10:40:58.0640 4228 Ftdisk - ok

10:40:58.0687 4228 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

10:40:58.0718 4228 GEARAspiWDM - ok

10:40:58.0765 4228 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys

10:40:58.0781 4228 giveio ( UnsignedFile.Multi.Generic ) - warning

10:40:58.0781 4228 giveio - detected UnsignedFile.Multi.Generic (1)

10:40:58.0828 4228 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

10:40:59.0000 4228 Gpc - ok

10:40:59.0062 4228 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

10:40:59.0296 4228 HidUsb - ok

10:40:59.0375 4228 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

10:40:59.0531 4228 hpn - ok

10:40:59.0609 4228 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

10:40:59.0656 4228 HSFHWBS2 - ok

10:40:59.0750 4228 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

10:40:59.0828 4228 HSF_DP - ok

10:40:59.0906 4228 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

10:40:59.0968 4228 HTTP - ok

10:41:00.0015 4228 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

10:41:00.0234 4228 i2omgmt - ok

10:41:00.0281 4228 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

10:41:00.0437 4228 i2omp - ok

10:41:00.0531 4228 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

10:41:00.0703 4228 i8042prt - ok

10:41:00.0734 4228 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

10:41:00.0890 4228 Imapi - ok

10:41:00.0937 4228 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

10:41:01.0093 4228 ini910u - ok

10:41:01.0140 4228 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

10:41:01.0312 4228 IntelIde - ok

10:41:01.0375 4228 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

10:41:01.0531 4228 intelppm - ok

10:41:01.0578 4228 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

10:41:01.0734 4228 Ip6Fw - ok

10:41:01.0781 4228 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

10:41:01.0921 4228 IpFilterDriver - ok

10:41:01.0968 4228 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

10:41:02.0109 4228 IpInIp - ok

10:41:02.0171 4228 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

10:41:02.0328 4228 IpNat - ok

10:41:02.0390 4228 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

10:41:02.0531 4228 IPSec - ok

10:41:02.0593 4228 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

10:41:02.0687 4228 IRENUM - ok

10:41:02.0718 4228 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

10:41:02.0875 4228 isapnp - ok

10:41:02.0968 4228 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

10:41:03.0125 4228 Kbdclass - ok

10:41:03.0203 4228 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

10:41:03.0359 4228 kbdhid - ok

10:41:03.0406 4228 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

10:41:03.0562 4228 kmixer - ok

10:41:03.0609 4228 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

10:41:03.0687 4228 KSecDD - ok

10:41:03.0750 4228 lbrtfdc - ok

10:41:03.0812 4228 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys

10:41:03.0828 4228 MBAMProtector - ok

10:41:03.0906 4228 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

10:41:03.0921 4228 mdmxsdk - ok

10:41:03.0968 4228 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\WINDOWS\system32\drivers\mfeapfk.sys

10:41:03.0984 4228 mfeapfk - ok

10:41:04.0031 4228 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\WINDOWS\system32\drivers\mfeavfk.sys

10:41:04.0046 4228 mfeavfk - ok

10:41:04.0078 4228 mfeavfk01 - ok

10:41:04.0125 4228 mfebopk (a528b15e330edb83ea649be318d841d5) C:\WINDOWS\system32\drivers\mfebopk.sys

10:41:04.0140 4228 mfebopk - ok

10:41:04.0203 4228 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\WINDOWS\system32\drivers\mfefirek.sys

10:41:04.0234 4228 mfefirek - ok

10:41:04.0281 4228 mfehidk (5e9679bb2fc4fa38ec8ca906c47acd46) C:\WINDOWS\system32\drivers\mfehidk.sys

10:41:04.0312 4228 mfehidk - ok

10:41:04.0359 4228 mfendisk (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

10:41:04.0359 4228 mfendisk - ok

10:41:04.0375 4228 mfendiskmp (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

10:41:04.0390 4228 mfendiskmp - ok

10:41:04.0421 4228 mferkdet (ce1711f7c3f72f6762abd241dcfd5ee1) C:\WINDOWS\system32\drivers\mferkdet.sys

10:41:04.0437 4228 mferkdet - ok

10:41:04.0546 4228 mfetdi2k (25e12c68b49a64ffc873603dfd578236) C:\WINDOWS\system32\drivers\mfetdi2k.sys

10:41:04.0562 4228 mfetdi2k - ok

10:41:04.0625 4228 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

10:41:04.0765 4228 mnmdd - ok

10:41:04.0843 4228 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

10:41:05.0000 4228 Modem - ok

10:41:05.0046 4228 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys

10:41:05.0187 4228 MODEMCSA - ok

10:41:05.0343 4228 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

10:41:05.0515 4228 Mouclass - ok

10:41:05.0593 4228 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

10:41:05.0734 4228 mouhid - ok

10:41:05.0781 4228 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

10:41:05.0953 4228 MountMgr - ok

10:41:06.0046 4228 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

10:41:06.0187 4228 mraid35x - ok

10:41:06.0234 4228 MREMP50 - ok

10:41:06.0234 4228 MREMP50a64 - ok

10:41:06.0250 4228 MREMPR5 - ok

10:41:06.0250 4228 MRENDIS5 - ok

10:41:06.0265 4228 MRESP50 - ok

10:41:06.0265 4228 MRESP50a64 - ok

10:41:06.0343 4228 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

10:41:06.0500 4228 MRxDAV - ok

10:41:06.0562 4228 MRxSmb (2a922bf746dcd2cf509233425b4874e0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

10:41:06.0578 4228 MRxSmb ( Rootkit.Win32.ZAccess.k ) - infected

10:41:06.0578 4228 MRxSmb - detected Rootkit.Win32.ZAccess.k (0)

10:41:06.0625 4228 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

10:41:06.0781 4228 Msfs - ok

10:41:06.0812 4228 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

10:41:06.0968 4228 MSKSSRV - ok

10:41:07.0015 4228 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

10:41:07.0171 4228 MSPCLOCK - ok

10:41:07.0265 4228 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

10:41:07.0406 4228 MSPQM - ok

10:41:07.0500 4228 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

10:41:07.0671 4228 mssmbios - ok

10:41:07.0750 4228 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

10:41:07.0906 4228 MSTEE - ok

10:41:08.0000 4228 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

10:41:08.0046 4228 Mup - ok

10:41:08.0093 4228 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\WINDOWS\system32\DRIVERS\mxopswd.sys

10:41:08.0125 4228 MXOPSWD - ok

10:41:08.0234 4228 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

10:41:08.0390 4228 NABTSFEC - ok

10:41:08.0421 4228 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

10:41:08.0578 4228 NDIS - ok

10:41:08.0656 4228 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

10:41:08.0812 4228 NdisIP - ok

10:41:08.0890 4228 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

10:41:08.0937 4228 NdisTapi - ok

10:41:08.0984 4228 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

10:41:09.0125 4228 Ndisuio - ok

10:41:09.0156 4228 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

10:41:09.0312 4228 NdisWan - ok

10:41:09.0359 4228 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

10:41:09.0390 4228 NDProxy - ok

10:41:09.0453 4228 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

10:41:09.0640 4228 NetBIOS - ok

10:41:09.0718 4228 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

10:41:09.0875 4228 NetBT - ok

10:41:09.0984 4228 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

10:41:10.0140 4228 NIC1394 - ok

10:41:10.0187 4228 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys

10:41:10.0203 4228 NPF - ok

10:41:10.0265 4228 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

10:41:10.0421 4228 Npfs - ok

10:41:10.0453 4228 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

10:41:10.0734 4228 Ntfs - ok

10:41:10.0812 4228 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

10:41:10.0953 4228 Null - ok

10:41:11.0062 4228 nv (074922194144c3b48c65c3392da42209) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

10:41:11.0203 4228 nv - ok

10:41:11.0437 4228 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

10:41:11.0609 4228 NwlnkFlt - ok

10:41:11.0687 4228 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

10:41:11.0843 4228 NwlnkFwd - ok

10:41:11.0921 4228 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

10:41:12.0062 4228 ohci1394 - ok

10:41:12.0109 4228 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS

10:41:12.0109 4228 OMCI ( UnsignedFile.Multi.Generic ) - warning

10:41:12.0109 4228 OMCI - detected UnsignedFile.Multi.Generic (1)

10:41:12.0156 4228 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

10:41:12.0296 4228 Parport - ok

10:41:12.0343 4228 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

10:41:12.0500 4228 PartMgr - ok

10:41:12.0578 4228 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

10:41:12.0734 4228 ParVdm - ok

10:41:12.0812 4228 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

10:41:12.0968 4228 PCI - ok

10:41:13.0000 4228 PCIDump - ok

10:41:13.0046 4228 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

10:41:13.0203 4228 PCIIde - ok

10:41:13.0265 4228 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

10:41:13.0437 4228 Pcmcia - ok

10:41:13.0484 4228 PDCOMP - ok

10:41:13.0515 4228 PDFRAME - ok

10:41:13.0531 4228 PDRELI - ok

10:41:13.0546 4228 PDRFRAME - ok

10:41:13.0578 4228 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

10:41:13.0734 4228 perc2 - ok

10:41:13.0781 4228 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

10:41:13.0937 4228 perc2hib - ok

10:41:13.0984 4228 Pfc (5903fa75200807ad739286bbf40c4904) C:\WINDOWS\system32\drivers\pfc.sys

10:41:14.0000 4228 Pfc ( UnsignedFile.Multi.Generic ) - warning

10:41:14.0000 4228 Pfc - detected UnsignedFile.Multi.Generic (1)

10:41:14.0062 4228 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

10:41:14.0218 4228 PptpMiniport - ok

10:41:14.0265 4228 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

10:41:14.0421 4228 PSched - ok

10:41:14.0515 4228 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

10:41:14.0671 4228 Ptilink - ok

10:41:14.0750 4228 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

10:41:14.0750 4228 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

10:41:14.0750 4228 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

10:41:14.0796 4228 qic157 (23168ba9e0b079461b9f2a6cfe57a84c) C:\WINDOWS\system32\DRIVERS\qic157.sys

10:41:14.0937 4228 qic157 - ok

10:41:15.0015 4228 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

10:41:15.0156 4228 ql1080 - ok

10:41:15.0187 4228 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

10:41:15.0343 4228 Ql10wnt - ok

10:41:15.0375 4228 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

10:41:15.0531 4228 ql12160 - ok

10:41:15.0656 4228 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

10:41:16.0250 4228 ql1240 - ok

10:41:16.0468 4228 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

10:41:16.0687 4228 ql1280 - ok

10:41:16.0765 4228 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

10:41:16.0890 4228 RasAcd - ok

10:41:16.0953 4228 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

10:41:17.0109 4228 Rasl2tp - ok

10:41:17.0140 4228 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

10:41:17.0281 4228 RasPppoe - ok

10:41:17.0328 4228 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

10:41:17.0468 4228 Raspti - ok

10:41:17.0546 4228 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

10:41:17.0703 4228 Rdbss - ok

10:41:17.0781 4228 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

10:41:17.0921 4228 RDPCDD - ok

10:41:18.0031 4228 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

10:41:18.0171 4228 rdpdr - ok

10:41:18.0265 4228 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

10:41:18.0312 4228 RDPWD - ok

10:41:18.0375 4228 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

10:41:18.0531 4228 redbook - ok

10:41:18.0625 4228 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys

10:41:18.0765 4228 sbp2port - ok

10:41:18.0828 4228 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:41:18.0906 4228 Secdrv - ok

10:41:18.0953 4228 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

10:41:19.0109 4228 serenum - ok

10:41:19.0140 4228 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

10:41:19.0281 4228 Serial - ok

10:41:19.0312 4228 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:41:19.0468 4228 Sfloppy - ok

10:41:19.0593 4228 Simbad - ok

10:41:19.0640 4228 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

10:41:19.0796 4228 sisagp - ok

10:41:19.0875 4228 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

10:41:20.0015 4228 SLIP - ok

10:41:20.0078 4228 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys

10:41:20.0140 4228 smwdm - ok

10:41:20.0187 4228 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

10:41:20.0265 4228 Sparrow - ok

10:41:20.0343 4228 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:41:20.0484 4228 splitter - ok

10:41:20.0546 4228 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

10:41:20.0625 4228 sr - ok

10:41:20.0671 4228 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

10:41:20.0734 4228 Srv - ok

10:41:20.0812 4228 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

10:41:20.0968 4228 streamip - ok

10:41:21.0015 4228 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:41:21.0156 4228 swenum - ok

10:41:21.0203 4228 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:41:21.0375 4228 swmidi - ok

10:41:21.0437 4228 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

10:41:21.0562 4228 symc810 - ok

10:41:21.0640 4228 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

10:41:21.0796 4228 symc8xx - ok

10:41:21.0828 4228 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

10:41:21.0968 4228 sym_hi - ok

10:41:22.0000 4228 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

10:41:22.0156 4228 sym_u3 - ok

10:41:22.0203 4228 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:41:22.0375 4228 sysaudio - ok

10:41:22.0437 4228 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:41:22.0531 4228 Tcpip - ok

10:41:22.0609 4228 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:41:22.0765 4228 TDPIPE - ok

10:41:22.0828 4228 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:41:23.0000 4228 TDTCP - ok

10:41:23.0046 4228 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:41:23.0187 4228 TermDD - ok

10:41:23.0281 4228 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

10:41:23.0625 4228 TosIde - ok

10:41:23.0703 4228 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:41:23.0859 4228 Udfs - ok

10:41:23.0906 4228 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

10:41:23.0984 4228 ultra - ok

10:41:24.0046 4228 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:41:24.0218 4228 Update - ok

10:41:24.0312 4228 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

10:41:24.0453 4228 usbaudio - ok

10:41:24.0578 4228 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:41:24.0718 4228 usbccgp - ok

10:41:24.0781 4228 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:41:24.0937 4228 usbehci - ok

10:41:25.0015 4228 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:41:25.0156 4228 usbhub - ok

10:41:25.0203 4228 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:41:25.0375 4228 usbprint - ok

10:41:25.0421 4228 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:41:25.0562 4228 usbscan - ok

10:41:25.0640 4228 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:41:25.0781 4228 USBSTOR - ok

10:41:25.0859 4228 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

10:41:26.0000 4228 usbuhci - ok

10:41:26.0046 4228 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

10:41:26.0187 4228 usbvideo - ok

10:41:26.0296 4228 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:41:26.0437 4228 VgaSave - ok

10:41:26.0500 4228 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

10:41:26.0671 4228 viaagp - ok

10:41:26.0750 4228 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

10:41:26.0890 4228 ViaIde - ok

10:41:26.0968 4228 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

10:41:27.0125 4228 VolSnap - ok

10:41:27.0187 4228 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:41:27.0312 4228 Wanarp - ok

10:41:27.0343 4228 WDICA - ok

10:41:27.0375 4228 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:41:27.0515 4228 wdmaud - ok

10:41:27.0609 4228 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

10:41:27.0687 4228 winachsf - ok

10:41:27.0796 4228 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

10:41:27.0968 4228 WSTCODEC - ok

10:41:28.0015 4228 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

10:41:28.0078 4228 WudfPf - ok

10:41:28.0109 4228 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

10:41:28.0140 4228 WudfRd - ok

10:41:28.0187 4228 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

10:41:28.0765 4228 \Device\Harddisk0\DR0 - ok

10:41:28.0781 4228 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk1\DR3

10:41:29.0640 4228 \Device\Harddisk1\DR3 - ok

10:41:29.0656 4228 Boot (0x1200) (e9dbed433d2ef540d8ff3567d4ee5df1) \Device\Harddisk0\DR0\Partition0

10:41:29.0656 4228 \Device\Harddisk0\DR0\Partition0 - ok

10:41:29.0671 4228 Boot (0x1200) (2727c5861400f09ddea8135a113a3b92) \Device\Harddisk1\DR3\Partition0

10:41:29.0671 4228 \Device\Harddisk1\DR3\Partition0 - ok

10:41:29.0687 4228 ============================================================

10:41:29.0687 4228 Scan finished

10:41:29.0687 4228 ============================================================

10:41:29.0796 5512 Detected object count: 9

10:41:29.0796 5512 Actual detected object count: 9

10:42:20.0468 5512 AFAmgt ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:20.0468 5512 AFAmgt ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:20.0468 5512 AsfAlrt ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:20.0468 5512 AsfAlrt ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:20.0468 5512 bvrp_pci ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:20.0468 5512 bvrp_pci ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:20.0468 5512 Eplpdx02 ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:20.0468 5512 Eplpdx02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:20.0468 5512 giveio ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:20.0468 5512 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:20.0593 5512 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\mrxsmb.sys) error 1813

10:42:20.0859 5512 Backup copy found, using it..

10:42:20.0921 5512 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured on reboot

10:42:23.0875 5512 MRxSmb ( Rootkit.Win32.ZAccess.k ) - User select action: Cure

10:42:23.0875 5512 OMCI ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:23.0875 5512 OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:23.0875 5512 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:23.0875 5512 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:42:23.0875 5512 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

10:42:23.0875 5512 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:53:09.0875 3952 Deinitialize success

ComboFix 11-12-06.02 - Siena 12/07/2011 11:30:42.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2469 [GMT -6:00]

Running from: c:\documents and settings\Siena\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Siena\g2mdlhlpx.exe

c:\documents and settings\Siena\Recent\Thumbs.db

c:\documents and settings\Siena\WINDOWS

c:\windows\$NtUninstallKB24613$

c:\windows\$NtUninstallKB24613$\3200103419

c:\windows\$NtUninstallKB24613$\860312418\@

c:\windows\$NtUninstallKB24613$\860312418\bckfg.tmp

c:\windows\$NtUninstallKB24613$\860312418\cfg.ini

c:\windows\$NtUninstallKB24613$\860312418\Desktop.ini

c:\windows\$NtUninstallKB24613$\860312418\keywords

c:\windows\$NtUninstallKB24613$\860312418\kwrd.dll

c:\windows\$NtUninstallKB24613$\860312418\L\iahonoel

c:\windows\$NtUninstallKB24613$\860312418\lsflt7.ver

c:\windows\$NtUninstallKB24613$\860312418\U\00000001.@

c:\windows\$NtUninstallKB24613$\860312418\U\00000002.@

c:\windows\$NtUninstallKB24613$\860312418\U\00000004.@

c:\windows\$NtUninstallKB24613$\860312418\U\80000000.@

c:\windows\$NtUninstallKB24613$\860312418\U\80000004.@

c:\windows\$NtUninstallKB24613$\860312418\U\80000032.@

c:\windows\CSC\d6

c:\windows\dasetup.log

c:\windows\system32\download

c:\windows\system32\drivers\npf.sys

c:\windows\system32\gotomon.log

c:\windows\system32\logs

c:\windows\system32\mirc.ini

c:\windows\system32\Packet.dll

c:\windows\system32\sounds

c:\windows\system32\wpcap.dll

E:\autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_NPF

-------\Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2011-11-07 to 2011-12-07 )))))))))))))))))))))))))))))))

.

.

2011-12-02 23:21 . 2011-12-02 23:21 -------- d-----w- c:\documents and settings\Siena\Application Data\Malwarebytes

2011-12-02 23:21 . 2011-12-02 23:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-12-02 23:21 . 2011-12-02 23:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-02 23:21 . 2011-08-31 23:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-01 03:37 . 2011-12-01 03:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2011-11-30 21:40 . 2011-11-30 21:40 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2011-11-30 20:45 . 2011-11-30 20:45 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll

2011-11-30 20:44 . 2011-11-30 20:44 -------- d-----w- c:\program files\Common Files\xing shared

2011-11-30 20:44 . 2011-11-30 20:44 150696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll

2011-11-30 20:43 . 2011-11-30 20:43 108544 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll

2011-11-29 20:21 . 2011-11-29 20:21 -------- d-----w- c:\documents and settings\All Users\Application Data\espionServerData

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-07 16:54 . 2004-08-04 11:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-12-02 19:48 . 2005-01-28 08:04 90112 ----a-w- c:\windows\DUMP6409.tmp

2011-11-30 20:43 . 2004-09-02 00:50 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-10-28 20:56 . 2011-05-23 20:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22 . 2004-08-04 11:00 692736 ------w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06 . 2004-08-04 11:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 16:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 16:41 . 2004-08-04 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 16:41 . 2004-08-04 11:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2010-08-02 15:59 . 2010-08-02 15:59 58768 -c--a-w- c:\program files\mozilla firefox\plugins\ateccli.dll

2011-02-16 16:58 . 2010-02-18 19:43 28488 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll

2011-02-16 16:58 . 2010-02-18 19:43 185240 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll

2010-08-02 15:59 . 2010-08-02 15:58 99224 -c--a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll

2011-11-09 18:49 . 2011-03-24 13:48 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-04-14 19:01 . 2011-02-21 02:02 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickenScheduledUpdates"="c:\program files\Quicken\bagent.exe" [2011-03-10 77656]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 16943496]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-05-29 3784704]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"WFXSwtch"="c:\progra~1\WinFax\WFXSWTCH.exe" [2001-09-10 27648]

"WinFaxAppPortStarter"="wfxsnt40.exe" [2001-09-10 45568]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2008-07-21 169312]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1195408]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-30 296056]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-23 217194]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{A213B520-C6C2-11d0-AF9D-008029E1027E}"= "c:\program files\WinFax\WfxSeh32.Dll" [1998-07-27 38400]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToMyPC]

2011-08-22 10:39 15216 ----a-w- c:\program files\Citrix\GoToMyPC\G2WinLogon.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\SYSTEM32\\FXSCLNT.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Citrix\\GoToMyPC\\g2svc.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

.

R0 a320raid;a320raid;c:\windows\SYSTEM32\DRIVERS\A320RAID.SYS [6/15/2004 11:06 AM 251578]

R0 aarich;aarich;c:\windows\SYSTEM32\DRIVERS\AARICH.SYS [6/15/2004 11:07 AM 241815]

R0 AFAmgt;AFAmgt;c:\windows\SYSTEM32\DRIVERS\afamgt.sys [4/21/2004 3:36 AM 92411]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\SYSTEM32\DRIVERS\mfetdi2k.sys [2/20/2011 8:02 PM 84200]

R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [2/8/2004 8:02 AM 118784]

R2 AsfAlrt;AsfAlrt;c:\windows\SYSTEM32\DRIVERS\Asfalrt.sys [12/18/2002 4:31 AM 36064]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/2/2011 5:21 PM 366152]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [1/6/2009 11:34 AM 94880]

R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/20/2011 8:02 PM 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2/20/2011 8:02 PM 271480]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [2/20/2011 8:02 PM 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\SYSTEM32\mfevtps.exe [2/20/2011 8:02 PM 141792]

R3 cfwids;McAfee Inc. cfwids;c:\windows\SYSTEM32\DRIVERS\cfwids.sys [2/20/2011 8:02 PM 56064]

R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [12/2/2011 5:21 PM 22216]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\SYSTEM32\DRIVERS\mfefirek.sys [2/20/2011 8:02 PM 314088]

R3 mfendiskmp;mfendiskmp;c:\windows\SYSTEM32\DRIVERS\mfendisk.sys [2/20/2011 8:02 PM 88736]

R3 qic157;qic157;c:\windows\SYSTEM32\DRIVERS\qic157.sys [2/9/2005 10:26 AM 6016]

S2 RAIDStorAgent;RAID Storage Manager Agent;c:\program files\Dell\RAID Storage Manager\StorServ.exe [6/16/2004 2:10 PM 49152]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\SYSTEM32\DRIVERS\mfendisk.sys [2/20/2011 8:02 PM 88736]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\SYSTEM32\DRIVERS\mferkdet.sys [2/20/2011 8:02 PM 84488]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-26 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]

.

2011-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3944035799-4136254499-3659117382-1007Core.job

- c:\documents and settings\Siena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-02 21:19]

.

2011-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3944035799-4136254499-3659117382-1007UA.job

- c:\documents and settings\Siena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-02 21:19]

.

2011-12-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3944035799-4136254499-3659117382-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]

.

2011-11-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3944035799-4136254499-3659117382-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]

.

2011-12-07 c:\windows\Tasks\User_Feed_Synchronization-{6F9B968E-C782-4F5F-AB7B-9F33CFB12C7F}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 09:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: acehardware-acenet.com

Trusted Zone: acehardware-aceonline.com

Trusted Zone: acehardware-eaglevision.com

Trusted Zone: acehardware-vendors.com

Trusted Zone: aceservices.com

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: motive.com\pattta.att

Trusted Zone: motive.com\patttbc.att

Trusted Zone: ups.com\www

Trusted Zone: acehardware-acenet.com

Trusted Zone: acehardware-aceonline.com

Trusted Zone: acehardware-eaglevision.com

Trusted Zone: acehardware-vendors.com

Trusted Zone: aceservices.com

TCP: DhcpNameServer = 192.168.0.1

DPF: AceIESecuritySettings - hxxp://apps.acehardware-vendors.com/Controls/AceIESecuritySettings.CAB

DPF: {275E2FE0-7486-11D0-89D6-00A0C90C9B67} - hxxp://apps.acehardware-vendors.com/acehardware-vendors/Controls/MCSi/McsiMenu.cab

DPF: {41F841C0-AE16-11D5-8817-0050DA6EF5E5} - hxxp://apps.acehardware-vendors.com/Acehardware-Vendors/Controls/Farpoint60/fpspr60.cab

FF - ProfilePath - c:\documents and settings\Siena\Application Data\Mozilla\Firefox\Profiles\jesag0cf.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe

HKCU-Run-DW6 - (no file)

HKLM-Run-EPSON Stylus C86 Series - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE

HKLM-Run-Auto EPSON Stylus C86 Series on GWLAPTOP - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2R1.EXE

HKLM-Run-ATT-SST_McciTrayApp - c:\program files\ATT-SST\McciTrayApp.exe

HKU-Default-Run-Norton SystemWorks - c:\program files\Norton SystemWorks\cfgwiz.exe

SafeBoot-46053600.sys

AddRemove-PBS Menu - p:\psi\pbs\Uninst.isu

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-12-07 11:43

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1064)

c:\program files\Citrix\GoToMyPC\G2WinLogon.dll

.

- - - - - - - > 'explorer.exe'(3524)

c:\windows\system32\WININET.dll

c:\progra~1\mcafee\SITEAD~1\saHook.dll

c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Citrix\GoToMyPC\g2svc.exe

c:\windows\system32\wfxsnt40.exe

c:\program files\Maxtor\Sync\SyncServices.exe

c:\program files\Citrix\GoToMyPC\g2comm.exe

c:\program files\Citrix\GoToMyPC\g2pre.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\program files\Citrix\GoToMyPC\g2tray.exe

c:\windows\system32\WFXSVC.EXE

c:\program files\WinFax\WFXMOD32.EXE

c:\windows\system32\fxssvc.exe

c:\program files\Common Files\McAfee\SystemCore\mcshield.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Completion time: 2011-12-07 11:47:59 - machine was rebooted

ComboFix-quarantined-files.txt 2011-12-07 17:47

.

Pre-Run: 13,131,997,184 bytes free

Post-Run: 13,216,022,528 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 3949654DF978BF163909DF0843875A27
