
Just purchased this product, now getting PING.EXE issue



Hello,

I just purchased this because I used the trial version to solve another issue, and it worked so well that I figured I should buy it to have it protect my computer real time. But shortly after I purchased, I have been getting this PING.EXE issue that some of the other forum members have been facing. Please help and thanks in advance. I attached the two files: "Attach.txt" and "DDS.txt"


Welcome to the forum.

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

MrC


Hi MrC,

Thanks for your attention on this. Below is the requested information:

Farbar Service Scanner

Ran by Quyen (administrator) on 27-12-2011 at 11:56:33

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

System Restore Disabled Policy:

========================

File Check:

========

C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit

C:\WINDOWS\system32\netman.dll => MD5 is legit

C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

C:\WINDOWS\system32\srsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit

C:\WINDOWS\system32\svchost.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll => MD5 is legit

C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:

=======

Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)

0x0700000005000000010000000200000003000000040000000600000007000000

**** End of log ****

RogueKiller V6.2.0 [12/12/2011] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Quyen [Admin rights]

Mode: Scan -- Date : 12/27/2011 11:58:29

¤¤¤ Bad processes: 1 ¤¤¤

[SUSP PATH] MusicManager.exe -- C:\Documents and Settings\Quyen\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 3 ¤¤¤

[SUSP PATH] HKCU\[...]\Run : MusicManager ("C:\Documents and Settings\Quyen\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe") -> FOUND

[SUSP PATH] HKUS\S-1-5-21-1409082233-1004336348-725345543-1003[...]\Run : MusicManager ("C:\Documents and Settings\Quyen\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe") -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

--- User ---

[MBR] 9a154a23176dc6e2810ce6bf0e8b3706

[BSP] 0865dbc3033a5b0d1557ae0b87d99f0b : MBR Code unknown

Partition table:

0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 80015 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>


¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

You're infected with the ZeroAccess/Max++ rootkit, which is a nasty rootkit and sometimes results in the loss of your internet connection and is sometimes impossible to restore.

With that warning......

Download and run antizeroaccess.exe as outlined in the link below:

http://forums.malwarebytes.org/index.php?showtopic=102754&view=findpost&p=509090

Post back the log, MrC


That's not good. Here's the log from the antizeroaccess scan

Webroot AntiZeroAccess 0.8 Log File

Execution time: 17/12/2011 - 08:15

Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 3

08:15:23 - CheckSystem - Begin to check system...

08:15:23 - OpenRootDrive - Opening system root volume and physical drive....

08:15:26 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x0950A5C1 sectors.

08:15:26 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".

08:15:29 - InstallAndStartDriver - Main driver was installed and now is running.

08:15:29 - CheckSystem - Warning! Disk class driver is INFECTED.

08:15:57 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.

08:15:57 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!

08:15:57 - Execution Ended!

Webroot AntiZeroAccess 0.8 Log File

Execution time: 27/12/2011 - 14:32

Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 3

14:32:58 - CheckSystem - Begin to check system...

14:32:58 - OpenRootDrive - Opening system root volume and physical drive....

14:33:04 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x0950A5C1 sectors.

14:33:04 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".

14:33:06 - InstallAndStartDriver - Main driver was installed and now is running.

14:33:06 - CheckSystem - Warning! Disk class driver is INFECTED.

14:33:14 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.

14:33:14 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!

14:33:14 - Execution Ended!

Webroot AntiZeroAccess 0.8 Log File

Execution time: 27/12/2011 - 14:35

Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 3

14:35:56 - CheckSystem - Begin to check system...

14:35:56 - OpenRootDrive - Opening system root volume and physical drive....

14:35:59 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x0950A5C1 sectors.

14:36:00 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".

14:36:00 - InstallAndStartDriver - Main driver was installed and now is running.

14:36:00 - CheckSystem - Warning! Disk class driver is INFECTED.

14:36:04 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.

14:36:04 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!

14:36:04 - Execution Ended!


Here you go:

18:14:04.0250 1116 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

18:14:04.0312 1116 ============================================================

18:14:04.0312 1116 Current date / time: 2011/12/27 18:14:04.0312

18:14:04.0312 1116 SystemInfo:

18:14:04.0312 1116

18:14:04.0312 1116 OS Version: 5.1.2600 ServicePack: 3.0

18:14:04.0312 1116 Product type: Workstation

18:14:04.0312 1116 ComputerName: QUYEN-DLAPTOP

18:14:04.0312 1116 UserName: Quyen

18:14:04.0312 1116 Windows directory: C:\WINDOWS

18:14:04.0312 1116 System windows directory: C:\WINDOWS

18:14:04.0312 1116 Processor architecture: Intel x86

18:14:04.0312 1116 Number of processors: 2

18:14:04.0312 1116 Page size: 0x1000

18:14:04.0312 1116 Boot type: Safe boot

18:14:04.0312 1116 ============================================================

18:14:08.0093 1116 Initialize success

18:14:16.0109 1136 ============================================================

18:14:16.0109 1136 Scan started

18:14:16.0109 1136 Mode: Manual; SigCheck; TDLFS;

18:14:16.0109 1136 ============================================================

18:14:18.0578 1136 Abiosdsk - ok

18:14:19.0062 1136 abp480n5 - ok

18:14:19.0671 1136 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:14:31.0281 1136 ACPI - ok

18:14:31.0765 1136 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

18:14:31.0984 1136 ACPIEC - ok

18:14:32.0312 1136 adpu160m - ok

18:14:32.0765 1136 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

18:14:32.0968 1136 aec - ok

18:14:33.0421 1136 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

18:14:33.0593 1136 AFD - ok

18:14:34.0015 1136 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys

18:14:34.0093 1136 AFS2K - ok

18:14:34.0421 1136 Aha154x - ok

18:14:34.0765 1136 aic78u2 - ok

18:14:35.0109 1136 aic78xx - ok

18:14:35.0500 1136 AliIde - ok

18:14:35.0843 1136 amsint - ok

18:14:36.0203 1136 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

18:14:36.0250 1136 APPDRV ( UnsignedFile.Multi.Generic ) - warning

18:14:36.0250 1136 APPDRV - detected UnsignedFile.Multi.Generic (1)

18:14:36.0656 1136 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:14:36.0796 1136 Arp1394 - ok

18:14:37.0125 1136 asc - ok

18:14:37.0500 1136 asc3350p - ok

18:14:37.0843 1136 asc3550 - ok

18:14:38.0265 1136 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:14:38.0390 1136 AsyncMac - ok

18:14:38.0812 1136 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

18:14:38.0937 1136 atapi - ok

18:14:39.0281 1136 Atdisk - ok

18:14:39.0703 1136 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:14:39.0843 1136 Atmarpc - ok

18:14:40.0234 1136 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

18:14:40.0359 1136 audstub - ok

18:14:41.0046 1136 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

18:14:41.0687 1136 BCM43XX - ok

18:14:42.0093 1136 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

18:14:42.0156 1136 bcm4sbxp - ok

18:14:42.0562 1136 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

18:14:42.0687 1136 Beep - ok

18:14:43.0187 1136 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

18:14:43.0312 1136 cbidf2k - ok

18:14:43.0640 1136 cd20xrnt - ok

18:14:44.0046 1136 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

18:14:44.0171 1136 Cdaudio - ok

18:14:44.0546 1136 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

18:14:44.0718 1136 Cdfs - ok

18:14:45.0093 1136 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:14:45.0250 1136 Cdrom - ok

18:14:45.0656 1136 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

18:14:45.0703 1136 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

18:14:45.0703 1136 cercsr6 - detected UnsignedFile.Multi.Generic (1)

18:14:46.0031 1136 Changer - ok

18:14:46.0437 1136 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:14:46.0546 1136 CmBatt - ok

18:14:46.0890 1136 CmdIde - ok

18:14:47.0234 1136 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:14:47.0375 1136 Compbatt - ok

18:14:47.0750 1136 Cpqarray - ok

18:14:48.0109 1136 dac2w2k - ok

18:14:48.0453 1136 dac960nt - ok

18:14:48.0843 1136 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

18:14:49.0000 1136 Disk - ok

18:14:49.0765 1136 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

18:14:50.0531 1136 dmboot - ok

18:14:50.0953 1136 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

18:14:51.0156 1136 dmio - ok

18:14:51.0515 1136 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

18:14:51.0640 1136 dmload - ok

18:14:52.0046 1136 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

18:14:52.0203 1136 DMusic - ok

18:14:52.0609 1136 dpti2o - ok

18:14:52.0968 1136 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

18:14:53.0078 1136 drmkaud - ok

18:14:53.0562 1136 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

18:14:53.0765 1136 Fastfat - ok

18:14:54.0140 1136 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

18:14:54.0265 1136 Fdc - ok

18:14:54.0640 1136 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

18:14:54.0796 1136 Fips - ok

18:14:55.0156 1136 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

18:14:55.0296 1136 Flpydisk - ok

18:14:55.0718 1136 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

18:14:55.0937 1136 FltMgr - ok

18:14:56.0281 1136 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:14:56.0406 1136 Fs_Rec - ok

18:14:56.0843 1136 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:14:57.0031 1136 Ftdisk - ok

18:14:57.0421 1136 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:14:57.0421 1136 GEARAspiWDM - ok

18:14:57.0828 1136 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:14:57.0968 1136 Gpc - ok

18:14:58.0546 1136 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:14:58.0687 1136 HDAudBus - ok

18:14:59.0093 1136 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:14:59.0203 1136 HidUsb - ok

18:14:59.0562 1136 hpn - ok

18:15:00.0421 1136 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys

18:15:01.0406 1136 HSF_DPV - ok

18:15:01.0859 1136 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys

18:15:01.0968 1136 HSXHWAZL - ok

18:15:02.0468 1136 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

18:15:02.0687 1136 HTTP - ok

18:15:03.0046 1136 i2omgmt - ok

18:15:03.0390 1136 i2omp - ok

18:15:03.0812 1136 i8042prt (a82d9da434eb5aa9cfbe6d7d8aafe8dd) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:15:03.0812 1136 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\i8042prt.sys. Real md5: a82d9da434eb5aa9cfbe6d7d8aafe8dd, Fake md5: 4a0b06aa8943c1e332520f7440c0aa30

18:15:03.0812 1136 i8042prt ( Rootkit.Win32.ZAccess.aml ) - infected

18:15:03.0812 1136 i8042prt - detected Rootkit.Win32.ZAccess.aml (0)

18:15:07.0015 1136 ialm (e8c7cc369c2fb657e0792af70df529e6) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

18:15:12.0750 1136 ialm - ok

18:15:13.0187 1136 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

18:15:13.0328 1136 Imapi - ok

18:15:13.0734 1136 ini910u - ok

18:15:14.0093 1136 IntelIde - ok

18:15:14.0468 1136 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:15:14.0593 1136 intelppm - ok

18:15:14.0968 1136 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

18:15:15.0125 1136 Ip6Fw - ok

18:15:15.0484 1136 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:15:15.0656 1136 IpFilterDriver - ok

18:15:16.0000 1136 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:15:16.0125 1136 IpInIp - ok

18:15:16.0578 1136 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:15:16.0781 1136 IpNat - ok

18:15:17.0203 1136 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:15:17.0359 1136 IPSec - ok

18:15:17.0718 1136 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

18:15:17.0843 1136 IRENUM - ok

18:15:18.0250 1136 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:15:18.0375 1136 isapnp - ok

18:15:18.0828 1136 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:15:18.0968 1136 Kbdclass - ok

18:15:19.0421 1136 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

18:15:19.0609 1136 kmixer - ok

18:15:20.0015 1136 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

18:15:20.0156 1136 KSecDD - ok

18:15:20.0515 1136 lbrtfdc - ok

18:15:20.0984 1136 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys

18:15:21.0031 1136 MBAMProtector - ok

18:15:21.0406 1136 MBAMSwissArmy - ok

18:15:21.0843 1136 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:15:21.0875 1136 mdmxsdk - ok

18:15:22.0265 1136 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

18:15:22.0296 1136 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

18:15:22.0296 1136 MHNDRV - detected UnsignedFile.Multi.Generic (1)

18:15:22.0703 1136 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

18:15:22.0828 1136 mnmdd - ok

18:15:23.0234 1136 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

18:15:23.0375 1136 Modem - ok

18:15:23.0796 1136 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:15:23.0937 1136 Mouclass - ok

18:15:24.0312 1136 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:15:24.0453 1136 mouhid - ok

18:15:24.0843 1136 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

18:15:25.0000 1136 MountMgr - ok

18:15:25.0140 1136 MpKsl04f013f0 - ok

18:15:25.0203 1136 MpKsl09b8f1e4 - ok

18:15:25.0250 1136 MpKsl45a8d6cb - ok

18:15:25.0296 1136 MpKsl49fc1aed - ok

18:15:25.0343 1136 MpKsl51453375 - ok

18:15:25.0390 1136 MpKsl7992b5a0 - ok

18:15:25.0453 1136 MpKslae42c684 - ok

18:15:25.0500 1136 MpKslbada0c62 - ok

18:15:25.0546 1136 MpKslbbf1b174 - ok

18:15:25.0593 1136 MpKsld4891ce2 - ok

18:15:25.0640 1136 MpKslf0b23015 - ok

18:15:25.0984 1136 mraid35x - ok

18:15:26.0421 1136 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:15:26.0640 1136 MRxDAV - ok

18:15:26.0968 1136 MRxSmb - ok

18:15:27.0390 1136 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

18:15:27.0531 1136 Msfs - ok

18:15:27.0906 1136 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:15:28.0046 1136 MSKSSRV - ok

18:15:28.0390 1136 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:15:28.0531 1136 MSPCLOCK - ok

18:15:28.0875 1136 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

18:15:29.0015 1136 MSPQM - ok

18:15:29.0406 1136 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:15:29.0515 1136 mssmbios - ok

18:15:29.0937 1136 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

18:15:30.0078 1136 Mup - ok

18:15:30.0515 1136 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

18:15:30.0734 1136 NDIS - ok

18:15:31.0109 1136 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:15:31.0171 1136 NdisTapi - ok

18:15:31.0562 1136 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:15:31.0703 1136 Ndisuio - ok

18:15:32.0078 1136 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:15:32.0250 1136 NdisWan - ok

18:15:32.0625 1136 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

18:15:32.0703 1136 NDProxy - ok

18:15:33.0062 1136 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

18:15:33.0218 1136 NetBIOS - ok

18:15:33.0687 1136 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

18:15:33.0890 1136 NetBT - ok

18:15:34.0312 1136 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:15:34.0484 1136 NIC1394 - ok

18:15:34.0843 1136 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

18:15:34.0968 1136 Npfs - ok

18:15:35.0625 1136 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

18:15:36.0171 1136 Ntfs - ok

18:15:36.0562 1136 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

18:15:36.0687 1136 Null - ok

18:15:37.0062 1136 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:15:37.0218 1136 NwlnkFlt - ok

18:15:37.0578 1136 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:15:37.0734 1136 NwlnkFwd - ok

18:15:38.0140 1136 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:15:38.0281 1136 ohci1394 - ok

18:15:38.0640 1136 OMCI - ok

18:15:39.0109 1136 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

18:15:39.0265 1136 Parport - ok

18:15:39.0625 1136 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

18:15:39.0750 1136 PartMgr - ok

18:15:40.0125 1136 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

18:15:40.0250 1136 ParVdm - ok

18:15:40.0625 1136 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

18:15:40.0781 1136 PCI - ok

18:15:41.0109 1136 PCIDump - ok

18:15:41.0500 1136 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

18:15:41.0656 1136 PCIIde - ok

18:15:42.0109 1136 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

18:15:42.0296 1136 Pcmcia - ok

18:15:42.0640 1136 PDCOMP - ok

18:15:42.0968 1136 PDFRAME - ok

18:15:43.0328 1136 PDRELI - ok

18:15:43.0687 1136 PDRFRAME - ok

18:15:44.0031 1136 perc2 - ok

18:15:44.0375 1136 perc2hib - ok

18:15:44.0843 1136 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:15:44.0984 1136 PptpMiniport - ok

18:15:45.0375 1136 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

18:15:45.0515 1136 PSched - ok

18:15:45.0859 1136 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:15:46.0015 1136 Ptilink - ok

18:15:46.0406 1136 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:15:46.0437 1136 PxHelp20 - ok

18:15:46.0781 1136 ql1080 - ok

18:15:47.0125 1136 Ql10wnt - ok

18:15:47.0484 1136 ql12160 - ok

18:15:47.0812 1136 ql1240 - ok

18:15:48.0156 1136 ql1280 - ok

18:15:48.0531 1136 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:15:48.0671 1136 RasAcd - ok

18:15:49.0046 1136 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:15:49.0203 1136 Rasl2tp - ok

18:15:49.0593 1136 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:15:49.0734 1136 RasPppoe - ok

18:15:50.0093 1136 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:15:50.0234 1136 Raspti - ok

18:15:50.0671 1136 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:15:50.0859 1136 Rdbss - ok

18:15:51.0218 1136 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:15:51.0343 1136 RDPCDD - ok

18:15:51.0812 1136 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:15:52.0031 1136 rdpdr - ok

18:15:52.0500 1136 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

18:15:52.0640 1136 RDPWD - ok

18:15:53.0031 1136 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:15:53.0171 1136 redbook - ok

18:15:53.0578 1136 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

18:15:53.0671 1136 rimmptsk - ok

18:15:54.0046 1136 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

18:15:54.0109 1136 rimsptsk - ok

18:15:54.0468 1136 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

18:15:54.0515 1136 rismxdp - ok

18:15:55.0000 1136 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

18:15:55.0171 1136 sdbus - ok

18:15:55.0562 1136 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:15:55.0687 1136 Secdrv - ok

18:15:56.0125 1136 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

18:15:56.0265 1136 Serial - ok

18:15:56.0656 1136 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

18:15:56.0765 1136 Sfloppy - ok

18:15:57.0125 1136 Simbad - ok

18:15:57.0484 1136 Sparrow - ok

18:15:57.0843 1136 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:15:57.0968 1136 splitter - ok

18:15:58.0390 1136 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

18:15:58.0562 1136 sr - ok

18:15:59.0125 1136 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

18:15:59.0515 1136 Srv - ok

18:16:00.0500 1136 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

18:16:01.0718 1136 STHDA - ok

18:16:02.0093 1136 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

18:16:02.0218 1136 swenum - ok

18:16:02.0656 1136 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

18:16:02.0812 1136 swmidi - ok

18:16:03.0171 1136 symc810 - ok

18:16:03.0515 1136 symc8xx - ok

18:16:03.0859 1136 sym_hi - ok

18:16:04.0203 1136 sym_u3 - ok

18:16:04.0734 1136 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:16:04.0921 1136 SynTP - ok

18:16:05.0328 1136 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

18:16:05.0500 1136 sysaudio - ok

18:16:06.0078 1136 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:16:06.0578 1136 Tcpip - ok

18:16:06.0984 1136 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

18:16:07.0109 1136 TDPIPE - ok

18:16:07.0484 1136 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

18:16:07.0625 1136 TDTCP - ok

18:16:08.0015 1136 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

18:16:08.0156 1136 TermDD - ok

18:16:08.0531 1136 TosIde - ok

18:16:09.0015 1136 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

18:16:09.0078 1136 TrueSight ( UnsignedFile.Multi.Generic ) - warning

18:16:09.0078 1136 TrueSight - detected UnsignedFile.Multi.Generic (1)

18:16:09.0468 1136 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

18:16:09.0625 1136 Udfs - ok

18:16:10.0015 1136 UIUSys - ok

18:16:10.0359 1136 ultra - ok

18:16:10.0906 1136 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

18:16:11.0343 1136 Update - ok

18:16:11.0828 1136 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys

18:16:11.0937 1136 USBAAPL - ok

18:16:12.0296 1136 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:16:12.0437 1136 usbehci - ok

18:16:12.0859 1136 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:16:13.0015 1136 usbhub - ok

18:16:13.0421 1136 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:16:13.0562 1136 usbscan - ok

18:16:13.0968 1136 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:16:14.0109 1136 USBSTOR - ok

18:16:14.0484 1136 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:16:14.0625 1136 usbuhci - ok

18:16:14.0984 1136 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

18:16:15.0125 1136 VgaSave - ok

18:16:15.0468 1136 ViaIde - ok

18:16:15.0890 1136 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

18:16:16.0015 1136 VolSnap - ok

18:16:16.0453 1136 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:16:16.0593 1136 Wanarp - ok

18:16:16.0921 1136 WDICA - ok

18:16:17.0343 1136 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

18:16:17.0515 1136 wdmaud - ok

18:16:18.0234 1136 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

18:16:18.0859 1136 winachsf - ok

18:16:19.0343 1136 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:16:19.0453 1136 WmiAcpi - ok

18:16:19.0890 1136 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:16:20.0031 1136 WS2IFSL - ok

18:16:20.0156 1136 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

18:16:20.0531 1136 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:16:20.0531 1136 \Device\Harddisk0\DR0 - detected TDSS File System (1)

18:16:20.0578 1136 Boot (0x1200) (a89505d2d65ba871f8ae02d61f72abb4) \Device\Harddisk0\DR0\Partition0

18:16:20.0578 1136 \Device\Harddisk0\DR0\Partition0 - ok

18:16:20.0578 1136 ============================================================

18:16:20.0578 1136 Scan finished

18:16:20.0578 1136 ============================================================

18:16:20.0703 1128 Detected object count: 6

18:16:20.0703 1128 Actual detected object count: 6

18:16:39.0375 1128 C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS - copied to quarantine

18:16:39.0375 1128 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

18:16:39.0875 1128 C:\WINDOWS\system32\drivers\cercsr6.sys - copied to quarantine

18:16:39.0875 1128 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

18:16:40.0296 1128 C:\WINDOWS\system32\DRIVERS\i8042prt.sys - copied to quarantine

18:16:40.0296 1128 i8042prt ( Rootkit.Win32.ZAccess.aml ) - User select action: Quarantine

18:16:40.0859 1128 C:\WINDOWS\system32\DRIVERS\mhndrv.sys - copied to quarantine

18:16:40.0859 1128 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

18:16:41.0296 1128 c:\windows\system32\drivers\TrueSight.sys - copied to quarantine

18:16:41.0296 1128 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

18:16:41.0453 1128 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

18:16:41.0453 1128 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

18:16:41.0515 1128 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

18:16:41.0562 1128 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

18:16:41.0578 1128 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

18:16:41.0578 1128 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

18:16:41.0578 1128 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

18:16:41.0609 1128 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

18:16:41.0625 1128 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

18:16:41.0796 1128 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

18:16:42.0078 1128 \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine

18:16:42.0078 1128 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine


I deleted the TDSSKiller I had on my comp, re-downloaded it, and scanned again.

19:03:45.0243 2364 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

19:03:45.0759 2364 ============================================================

19:03:45.0759 2364 Current date / time: 2011/12/29 19:03:45.0759

19:03:45.0759 2364 SystemInfo:

19:03:45.0759 2364

19:03:45.0759 2364 OS Version: 5.1.2600 ServicePack: 3.0

19:03:45.0759 2364 Product type: Workstation

19:03:45.0759 2364 ComputerName: QUYEN-DLAPTOP

19:03:45.0759 2364 UserName: Quyen

19:03:45.0759 2364 Windows directory: C:\WINDOWS

19:03:45.0759 2364 System windows directory: C:\WINDOWS

19:03:45.0759 2364 Processor architecture: Intel x86

19:03:45.0759 2364 Number of processors: 2

19:03:45.0759 2364 Page size: 0x1000

19:03:45.0759 2364 Boot type: Normal boot

19:03:45.0759 2364 ============================================================

19:03:47.0274 2364 Initialize success

19:03:58.0884 2448 ============================================================

19:03:58.0884 2448 Scan started

19:03:58.0884 2448 Mode: Manual; SigCheck; TDLFS;

19:03:58.0884 2448 ============================================================

19:03:59.0462 2448 Abiosdsk - ok

19:03:59.0478 2448 abp480n5 - ok

19:03:59.0540 2448 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:04:01.0540 2448 ACPI - ok

19:04:01.0681 2448 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

19:04:01.0884 2448 ACPIEC - ok

19:04:01.0899 2448 adpu160m - ok

19:04:01.0931 2448 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

19:04:02.0071 2448 aec - ok

19:04:02.0118 2448 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

19:04:02.0165 2448 AFD - ok

19:04:02.0212 2448 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys

19:04:02.0274 2448 AFS2K - ok

19:04:02.0306 2448 Aha154x - ok

19:04:02.0321 2448 aic78u2 - ok

19:04:02.0337 2448 aic78xx - ok

19:04:02.0353 2448 AliIde - ok

19:04:02.0368 2448 amsint - ok

19:04:02.0415 2448 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

19:04:02.0446 2448 APPDRV ( UnsignedFile.Multi.Generic ) - warning

19:04:02.0446 2448 APPDRV - detected UnsignedFile.Multi.Generic (1)

19:04:02.0493 2448 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:04:02.0681 2448 Arp1394 - ok

19:04:02.0759 2448 asc - ok

19:04:02.0759 2448 asc3350p - ok

19:04:02.0774 2448 asc3550 - ok

19:04:02.0837 2448 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:04:03.0040 2448 AsyncMac - ok

19:04:03.0056 2448 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

19:04:03.0212 2448 atapi - ok

19:04:03.0243 2448 Atdisk - ok

19:04:03.0290 2448 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:04:03.0399 2448 Atmarpc - ok

19:04:03.0446 2448 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

19:04:03.0587 2448 audstub - ok

19:04:03.0681 2448 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

19:04:03.0759 2448 BCM43XX - ok

19:04:03.0821 2448 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

19:04:03.0868 2448 bcm4sbxp - ok

19:04:03.0915 2448 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

19:04:04.0103 2448 Beep - ok

19:04:04.0165 2448 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

19:04:04.0368 2448 cbidf2k - ok

19:04:04.0368 2448 cd20xrnt - ok

19:04:04.0446 2448 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

19:04:04.0649 2448 Cdaudio - ok

19:04:04.0665 2448 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

19:04:04.0821 2448 Cdfs - ok

19:04:04.0853 2448 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:04:04.0978 2448 Cdrom - ok

19:04:05.0009 2448 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

19:04:05.0040 2448 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

19:04:05.0040 2448 cercsr6 - detected UnsignedFile.Multi.Generic (1)

19:04:05.0040 2448 Changer - ok

19:04:05.0087 2448 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

19:04:05.0196 2448 CmBatt - ok

19:04:05.0212 2448 CmdIde - ok

19:04:05.0228 2448 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

19:04:05.0337 2448 Compbatt - ok

19:04:05.0353 2448 Cpqarray - ok

19:04:05.0368 2448 dac2w2k - ok

19:04:05.0384 2448 dac960nt - ok

19:04:05.0399 2448 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

19:04:05.0540 2448 Disk - ok

19:04:05.0587 2448 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

19:04:05.0743 2448 dmboot - ok

19:04:05.0774 2448 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

19:04:05.0899 2448 dmio - ok

19:04:05.0915 2448 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

19:04:06.0056 2448 dmload - ok

19:04:06.0071 2448 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

19:04:06.0212 2448 DMusic - ok

19:04:06.0228 2448 dpti2o - ok

19:04:06.0259 2448 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

19:04:06.0368 2448 drmkaud - ok

19:04:06.0399 2448 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

19:04:06.0540 2448 Fastfat - ok

19:04:06.0571 2448 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

19:04:06.0743 2448 Fdc - ok

19:04:06.0774 2448 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

19:04:06.0915 2448 Fips - ok

19:04:06.0931 2448 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

19:04:07.0056 2448 Flpydisk - ok

19:04:07.0103 2448 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

19:04:07.0259 2448 FltMgr - ok

19:04:07.0274 2448 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:04:07.0446 2448 Fs_Rec - ok

19:04:07.0446 2448 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:04:07.0587 2448 Ftdisk - ok

19:04:07.0634 2448 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

19:04:07.0649 2448 GEARAspiWDM - ok

19:04:07.0712 2448 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:04:07.0837 2448 Gpc - ok

19:04:07.0884 2448 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:04:08.0009 2448 HDAudBus - ok

19:04:08.0071 2448 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:04:08.0196 2448 HidUsb - ok

19:04:08.0228 2448 hpn - ok

19:04:08.0306 2448 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys

19:04:08.0462 2448 HSF_DPV - ok

19:04:08.0509 2448 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys

19:04:08.0524 2448 HSXHWAZL - ok

19:04:08.0587 2448 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

19:04:08.0665 2448 HTTP - ok

19:04:08.0681 2448 i2omgmt - ok

19:04:08.0696 2448 i2omp - ok

19:04:08.0728 2448 i8042prt (a82d9da434eb5aa9cfbe6d7d8aafe8dd) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:04:08.0759 2448 i8042prt ( UnsignedFile.Multi.Generic ) - warning

19:04:08.0759 2448 i8042prt - detected UnsignedFile.Multi.Generic (1)

19:04:09.0056 2448 ialm (e8c7cc369c2fb657e0792af70df529e6) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

19:04:09.0509 2448 ialm - ok

19:04:09.0634 2448 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

19:04:09.0853 2448 Imapi - ok

19:04:09.0868 2448 ini910u - ok

19:04:09.0884 2448 IntelIde - ok

19:04:09.0915 2448 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:04:10.0024 2448 intelppm - ok

19:04:10.0071 2448 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

19:04:10.0196 2448 Ip6Fw - ok

19:04:10.0243 2448 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:04:10.0384 2448 IpFilterDriver - ok

19:04:10.0399 2448 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:04:10.0509 2448 IpInIp - ok

19:04:10.0540 2448 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:04:10.0681 2448 IpNat - ok

19:04:10.0728 2448 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:04:10.0853 2448 IPSec - ok

19:04:10.0884 2448 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

19:04:11.0024 2448 IRENUM - ok

19:04:11.0056 2448 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:04:11.0181 2448 isapnp - ok

19:04:11.0228 2448 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:04:11.0353 2448 Kbdclass - ok

19:04:11.0384 2448 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

19:04:11.0509 2448 kmixer - ok

19:04:11.0540 2448 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

19:04:11.0603 2448 KSecDD - ok

19:04:11.0618 2448 lbrtfdc - ok

19:04:11.0665 2448 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

19:04:11.0696 2448 MBAMProtector - ok

19:04:11.0759 2448 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

19:04:11.0790 2448 mdmxsdk - ok

19:04:11.0821 2448 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

19:04:11.0853 2448 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

19:04:11.0853 2448 MHNDRV - detected UnsignedFile.Multi.Generic (1)

19:04:11.0899 2448 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

19:04:12.0040 2448 mnmdd - ok

19:04:12.0087 2448 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

19:04:12.0228 2448 Modem - ok

19:04:12.0259 2448 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:04:12.0384 2448 Mouclass - ok

19:04:12.0431 2448 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:04:12.0571 2448 mouhid - ok

19:04:12.0587 2448 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

19:04:12.0696 2448 MountMgr - ok

19:04:12.0774 2448 MpKsl04f013f0 - ok

19:04:12.0790 2448 MpKsl09b8f1e4 - ok

19:04:12.0790 2448 MpKsl45a8d6cb - ok

19:04:12.0790 2448 MpKsl49fc1aed - ok

19:04:12.0806 2448 MpKsl51453375 - ok

19:04:12.0806 2448 MpKsl7992b5a0 - ok

19:04:12.0837 2448 MpKslae42c684 - ok

19:04:12.0837 2448 MpKslbada0c62 - ok

19:04:12.0853 2448 MpKslbbf1b174 - ok

19:04:12.0853 2448 MpKsld4891ce2 - ok

19:04:12.0853 2448 MpKslf0b23015 - ok

19:04:12.0868 2448 mraid35x - ok

19:04:12.0899 2448 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:04:13.0024 2448 MRxDAV - ok

19:04:13.0040 2448 MRxSmb - ok

19:04:13.0071 2448 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

19:04:13.0181 2448 Msfs - ok

19:04:13.0196 2448 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:04:13.0321 2448 MSKSSRV - ok

19:04:13.0337 2448 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:04:13.0446 2448 MSPCLOCK - ok

19:04:13.0478 2448 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

19:04:13.0618 2448 MSPQM - ok

19:04:13.0649 2448 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:04:13.0759 2448 mssmbios - ok

19:04:13.0790 2448 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

19:04:13.0868 2448 Mup - ok

19:04:13.0884 2448 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

19:04:14.0024 2448 NDIS - ok

19:04:14.0056 2448 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:04:14.0118 2448 NdisTapi - ok

19:04:14.0149 2448 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:04:14.0274 2448 Ndisuio - ok

19:04:14.0290 2448 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:04:14.0462 2448 NdisWan - ok

19:04:14.0509 2448 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

19:04:14.0556 2448 NDProxy - ok

19:04:14.0587 2448 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

19:04:14.0712 2448 NetBIOS - ok

19:04:14.0774 2448 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

19:04:14.0915 2448 NetBT - ok

19:04:14.0962 2448 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:04:15.0181 2448 NIC1394 - ok

19:04:15.0196 2448 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

19:04:15.0306 2448 Npfs - ok

19:04:15.0353 2448 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

19:04:15.0509 2448 Ntfs - ok

19:04:15.0556 2448 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

19:04:15.0696 2448 Null - ok

19:04:15.0759 2448 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:04:15.0915 2448 NwlnkFlt - ok

19:04:15.0931 2448 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:04:16.0087 2448 NwlnkFwd - ok

19:04:16.0103 2448 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:04:16.0259 2448 ohci1394 - ok

19:04:16.0274 2448 OMCI - ok

19:04:16.0321 2448 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

19:04:16.0462 2448 Parport - ok

19:04:16.0478 2448 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

19:04:16.0603 2448 PartMgr - ok

19:04:16.0634 2448 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

19:04:16.0790 2448 ParVdm - ok

19:04:16.0806 2448 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

19:04:16.0962 2448 PCI - ok

19:04:16.0978 2448 PCIDump - ok

19:04:17.0009 2448 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

19:04:17.0165 2448 PCIIde - ok

19:04:17.0228 2448 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

19:04:17.0399 2448 Pcmcia - ok

19:04:17.0415 2448 PDCOMP - ok

19:04:17.0431 2448 PDFRAME - ok

19:04:17.0446 2448 PDRELI - ok

19:04:17.0446 2448 PDRFRAME - ok

19:04:17.0462 2448 perc2 - ok

19:04:17.0478 2448 perc2hib - ok

19:04:17.0556 2448 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:04:17.0681 2448 PptpMiniport - ok

19:04:17.0696 2448 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

19:04:17.0837 2448 PSched - ok

19:04:17.0853 2448 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:04:18.0024 2448 Ptilink - ok

19:04:18.0056 2448 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

19:04:18.0071 2448 PxHelp20 - ok

19:04:18.0087 2448 ql1080 - ok

19:04:18.0087 2448 Ql10wnt - ok

19:04:18.0103 2448 ql12160 - ok

19:04:18.0118 2448 ql1240 - ok

19:04:18.0134 2448 ql1280 - ok

19:04:18.0149 2448 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:04:18.0321 2448 RasAcd - ok

19:04:18.0353 2448 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:04:18.0493 2448 Rasl2tp - ok

19:04:18.0509 2448 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:04:18.0634 2448 RasPppoe - ok

19:04:18.0649 2448 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

19:04:18.0774 2448 Raspti - ok

19:04:18.0790 2448 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:04:18.0915 2448 Rdbss - ok

19:04:18.0915 2448 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:04:19.0071 2448 RDPCDD - ok

19:04:19.0118 2448 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:04:19.0243 2448 rdpdr - ok

19:04:19.0290 2448 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

19:04:19.0337 2448 RDPWD - ok

19:04:19.0368 2448 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

19:04:19.0478 2448 redbook - ok

19:04:19.0524 2448 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

19:04:19.0603 2448 rimmptsk - ok

19:04:19.0634 2448 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

19:04:19.0665 2448 rimsptsk - ok

19:04:19.0665 2448 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

19:04:19.0728 2448 rismxdp - ok

19:04:19.0774 2448 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

19:04:19.0931 2448 sdbus - ok

19:04:19.0993 2448 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:04:20.0165 2448 Secdrv - ok

19:04:20.0196 2448 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

19:04:20.0384 2448 Serial - ok

19:04:20.0415 2448 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

19:04:20.0556 2448 Sfloppy - ok

19:04:20.0571 2448 Simbad - ok

19:04:20.0587 2448 Sparrow - ok

19:04:20.0618 2448 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

19:04:20.0743 2448 splitter - ok

19:04:20.0806 2448 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

19:04:20.0915 2448 sr - ok

19:04:20.0962 2448 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

19:04:21.0024 2448 Srv - ok

19:04:21.0103 2448 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

19:04:21.0212 2448 STHDA - ok

19:04:21.0290 2448 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

19:04:21.0524 2448 swenum - ok

19:04:21.0587 2448 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

19:04:21.0806 2448 swmidi - ok

19:04:21.0821 2448 symc810 - ok

19:04:21.0837 2448 symc8xx - ok

19:04:21.0853 2448 sym_hi - ok

19:04:21.0868 2448 sym_u3 - ok

19:04:21.0915 2448 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys

19:04:22.0009 2448 SynTP - ok

19:04:22.0040 2448 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

19:04:22.0181 2448 sysaudio - ok

19:04:22.0243 2448 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:04:22.0384 2448 Tcpip - ok

19:04:22.0431 2448 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

19:04:22.0649 2448 TDPIPE - ok

19:04:22.0681 2448 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

19:04:22.0806 2448 TDTCP - ok

19:04:22.0868 2448 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

19:04:22.0993 2448 TermDD - ok

19:04:23.0024 2448 TosIde - ok

19:04:23.0087 2448 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

19:04:23.0087 2448 TrueSight ( UnsignedFile.Multi.Generic ) - warning

19:04:23.0087 2448 TrueSight - detected UnsignedFile.Multi.Generic (1)

19:04:23.0118 2448 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

19:04:23.0274 2448 Udfs - ok

19:04:23.0290 2448 UIUSys - ok

19:04:23.0306 2448 ultra - ok

19:04:23.0353 2448 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

19:04:23.0493 2448 Update - ok

19:04:23.0571 2448 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys

19:04:23.0649 2448 USBAAPL - ok

19:04:23.0696 2448 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:04:23.0821 2448 usbehci - ok

19:04:23.0853 2448 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:04:24.0040 2448 usbhub - ok

19:04:24.0103 2448 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:04:24.0228 2448 usbscan - ok

19:04:24.0290 2448 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:04:24.0399 2448 USBSTOR - ok

19:04:24.0431 2448 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:04:24.0571 2448 usbuhci - ok

19:04:24.0571 2448 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

19:04:24.0696 2448 VgaSave - ok

19:04:24.0712 2448 ViaIde - ok

19:04:24.0759 2448 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

19:04:24.0884 2448 VolSnap - ok

19:04:24.0915 2448 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:04:25.0040 2448 Wanarp - ok

19:04:25.0056 2448 WDICA - ok

19:04:25.0087 2448 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

19:04:25.0196 2448 wdmaud - ok

19:04:25.0290 2448 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

19:04:25.0337 2448 winachsf - ok

19:04:25.0415 2448 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

19:04:25.0540 2448 WmiAcpi - ok

19:04:25.0603 2448 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

19:04:25.0743 2448 WS2IFSL - ok

19:04:25.0806 2448 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

19:04:26.0103 2448 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:04:26.0103 2448 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:04:26.0149 2448 Boot (0x1200) (a89505d2d65ba871f8ae02d61f72abb4) \Device\Harddisk0\DR0\Partition0

19:04:26.0149 2448 \Device\Harddisk0\DR0\Partition0 - ok

19:04:26.0149 2448 ============================================================

19:04:26.0149 2448 Scan finished

19:04:26.0149 2448 ============================================================

19:04:26.0274 4088 Detected object count: 6

19:04:26.0274 4088 Actual detected object count: 6

19:04:35.0462 4088 C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS - copied to quarantine

19:04:35.0462 4088 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:04:35.0571 4088 C:\WINDOWS\system32\drivers\cercsr6.sys - copied to quarantine

19:04:35.0571 4088 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:04:35.0634 4088 C:\WINDOWS\system32\DRIVERS\i8042prt.sys - copied to quarantine

19:04:35.0634 4088 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:04:35.0774 4088 C:\WINDOWS\system32\DRIVERS\mhndrv.sys - copied to quarantine

19:04:35.0774 4088 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:04:35.0868 4088 c:\windows\system32\drivers\TrueSight.sys - copied to quarantine

19:04:35.0868 4088 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:04:35.0931 4088 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

19:04:35.0931 4088 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

19:04:35.0946 4088 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

19:04:35.0993 4088 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

19:04:36.0071 4088 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

19:04:36.0071 4088 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:04:36.0071 4088 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:04:36.0087 4088 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

19:04:36.0103 4088 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

19:04:36.0134 4088 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

19:04:36.0353 4088 \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine

19:04:36.0353 4088 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine


I must inform you that you're infected with Rootkit.ZeroAccess rootkit, a BackDoor Trojan.

Read this warning.

With that said........

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

If you lose your internet connection, please rerun ComboFix again.

MrC
