MBAM constantly blocking IP Addresses


I just used MBAM to get rid of XP Security 2012, but I believe I still have malware on my machine.

I am constantly getting popups from MBAM blocking IPs like:

83.133.1xx.1xx

206.133.1xx.1xx

And occasionally I'll get a popup from Internet Explorer, even when it's not open (currently using Opera) saying "Would you like to restore the last session or home page"... Although I don't believe I have this checked in IE.

I ran a DDS scan, and I have the log for that, as well as a GMER scan. I tried to run sfc /scannow, but it told me I was missing a ton of DLL files, and I don't know that I have the install disk for Windows XP, so I'm not sure where I could get those from either.

attach.txt


Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


MBAM Trial has ended, so the popups have stopped, but I am fairly sure my Internet Explorer is still infected with some kind of malware, as it uses some ridiculous amount of CPU even when I am not using it (using Opera as my default browser, currently).

I would also like to note that I had an issue with opening Windows Explorer windows from the Start Menu shortcuts until I force closed one of my several iexplore.exe processes, at which point, all of the windows I had previously clicked to open all opened at once. After this point, all of the windows I tried to open would open immediately after I clicked.

MBAM Updated as of 5:28pm 1 Jan 2012.

MBAM Quick Scan started at 5:30pm 1 Jan 2012.

Results:

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.01.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Owner :: DESKTOP [administrator]

1/1/2012 5:30:44 PM

mbam-log-2012-01-01 (17-30-44).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 183750

Time elapsed: 43 minute(s), 59 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS scan finished at 5:28pm

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 11/15/2011 7:00:57 PM

System Uptime: 12/31/2011 11:32:52 AM (30 hours ago)

.

Motherboard: Dell Inc. | | 0JC474

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 449.37 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

F: is FIXED (NTFS) - 1397 GiB total, 1133.575 GiB free.

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 11/15/2011 7:04:54 PM - System Checkpoint

RP2: 11/16/2011 2:29:58 PM - Software Distribution Service 3.0

RP3: 11/16/2011 2:40:17 PM - Software Distribution Service 3.0

RP4: 11/16/2011 3:24:57 PM - Software Distribution Service 3.0

RP5: 11/16/2011 4:01:22 PM - Software Distribution Service 3.0

RP6: 11/16/2011 4:41:36 PM - Software Distribution Service 3.0

RP7: 11/16/2011 5:03:14 PM - Installed SigmaTel Audio

RP8: 11/16/2011 5:11:17 PM - Software Distribution Service 3.0

RP9: 11/16/2011 5:16:13 PM - Installed Adobe Reader X (10.1.1).

RP10: 11/16/2011 5:17:53 PM - Installed Java 6 Update 20

RP11: 11/16/2011 5:18:12 PM - Installed OpenOffice.org 3.2

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1)

AIO_Scan

BufferChm

C6200

C6200_doccd

C6200_Help

Compatibility Pack for the 2007 Office system

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DocProc

DocProcQFolder

eSupportQFolder

Fax

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB954708)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 9.0

HP Imaging Device Functions 9.0

HP OCR Software 9.0

HP Photosmart All-In-One Software 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

HP Solution Center 9.0

HP Update

HPProductAssistant

HPSSupply

Intel® 537EP V9x DF PCI Modem

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

Java Auto Updater

Java 6 Update 20

Jumpstart First Grade v1.4

Junk Mail filter update

Malwarebytes Anti-Malware version 1.60.0.1800

MarketResearch

McAfee Security Scan Plus

McAfee SecurityCenter

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Antimalware

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office Basic Edition 2003

Microsoft Office File Validation Add-In

Microsoft Office Live Add-in 1.3

Microsoft Office Outlook Connector

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Mozilla Firefox 9.0.1 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

ooVoo

OpenOffice.org 3.2

Opera 11.60

PanoStandAlone

PS_AIO_02_ProductContext

PS_AIO_02_Software

PS_AIO_02_Software_min

PSSWCORE

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Segoe UI

SigmaTel Audio

SolutionCenter

Status

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

VideoToolkit01

WebFldrs XP

WebReg

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

Yontoo Layers Runtime (Drop Down Deals) 1.10.01

.

==== Event Viewer Messages From Past Week ========

.

12/27/2011 4:51:15 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

12/25/2011 4:46:47 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1684.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.

12/25/2011 4:41:46 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1684.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.

12/25/2011 12:43:33 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.

12/25/2011 11:43:27 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1684.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.

12/25/2011 11:39:40 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

12/25/2011 11:34:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde

12/25/2011 11:33:28 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

12/25/2011 1:36:50 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1684.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.

1/1/2012 5:36:15 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

.

==== End Of File ===========================

Microsoft Security Essentials has been uninstalled.


Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
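
The report requested above is line-oriented, so it can be triaged mechanically instead of read top to bottom. The following is an added example, not part of the original thread and not TDSSKiller's own code: it assumes the line layout seen in the report pasted in the next reply (timestamp, thread id, message), and the sample report with its driver names, paths, hashes and the `Example.Rootkit.Name` label is constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed layout, taken from the report in this thread:
#   HH:MM:SS.ffff <thread-id> <message>
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# "<name> (<md5>) <path>"  : the file backing a driver/service
OBJECT = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")
# "<name> - ok"  or  "<name> ( <detection> ) - warning|infected"
VERDICT = re.compile(r"^(\S+)(?: \( (.+?) \))? - (ok|warning|infected)$")
# On-disk content differs from what the running system reports.
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (.+)\. "
    r"Real md5: ([0-9a-f]{32}), Fake md5: ([0-9a-f]{32})$"
)


@dataclass
class Entry:
    name: str
    path: Optional[str] = None
    md5: Optional[str] = None
    verdict: Optional[str] = None
    detection: Optional[str] = None
    forged: Optional[Tuple[str, str]] = None  # (real md5, fake md5)


def parse_report(text: str) -> Dict[str, Entry]:
    """Build one Entry per scanned object from a TDSSKiller-style report."""
    entries: Dict[str, Entry] = {}
    by_path: Dict[str, Entry] = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and anything that is not a log line
        msg = m.group(3).strip()

        obj = OBJECT.match(msg)
        if obj:
            e = entries.setdefault(obj.group(1), Entry(obj.group(1)))
            e.md5, e.path = obj.group(2), obj.group(3)
            by_path[e.path.lower()] = e
            continue

        forged = FORGED.match(msg)
        if forged:
            path = forged.group(1)
            # The forged line names only the path; tie it back to its object.
            e = by_path.get(path.lower())
            if e is None:
                e = entries.setdefault(path, Entry(path, path=path))
            e.forged = (forged.group(2), forged.group(3))
            continue

        verdict = VERDICT.match(msg)
        if verdict:
            e = entries.setdefault(verdict.group(1), Entry(verdict.group(1)))
            e.detection, e.verdict = verdict.group(2), verdict.group(3)
    return entries


def findings(entries: Dict[str, Entry]) -> List[Entry]:
    """Everything that is not a clean 'ok', most serious first."""
    hits = [e for e in entries.values()
            if e.forged or e.verdict in ("infected", "warning")]
    # Forged or infected objects outrank unsigned-file warnings.
    return sorted(
        hits,
        key=lambda e: (0 if e.forged or e.verdict == "infected" else 1, e.name),
    )


# Constructed sample report (not from a real machine).
SAMPLE = r"""
10:00:00.0000 1000 Scan started
10:00:01.0000 1000 GoodDrv (0123456789abcdef0123456789abcdef) C:\WINDOWS\system32\drivers\gooddrv.sys
10:00:01.0100 1000 GoodDrv - ok
10:00:02.0000 1000 NoFileSvc - ok
10:00:03.0000 1000 UnsignedDrv (fedcba9876543210fedcba9876543210) C:\WINDOWS\system32\DRIVERS\unsigned.sys
10:00:03.0100 1000 UnsignedDrv ( UnsignedFile.Multi.Generic ) - warning
10:00:03.0100 1000 UnsignedDrv - detected UnsignedFile.Multi.Generic (1)
10:00:04.0000 1000 HookedDrv (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\DRIVERS\hooked.sys
10:00:04.0000 1000 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\hooked.sys. Real md5: 00112233445566778899aabbccddeeff, Fake md5: ffeeddccbbaa99887766554433221100
10:00:04.0000 1000 HookedDrv ( Example.Rootkit.Name ) - infected
10:00:04.0000 1000 HookedDrv - detected Example.Rootkit.Name (0)
"""

if __name__ == "__main__":
    for e in findings(parse_report(SAMPLE)):
        note = " [forged on-disk view]" if e.forged else ""
        print(f"{e.verdict:9} {e.name:12} {e.detection} {e.path}{note}")
```

An unsigned-file warning on its own is common for legitimate third-party drivers; a forged-file line means the hash read through the normal file API differs from the one read at a lower level, which is why it is ranked with the infected entries.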


13:52:53.0216 1284 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

13:52:54.0420 1284 ============================================================

13:52:54.0420 1284 Current date / time: 2012/01/02 13:52:54.0420

13:52:54.0420 1284 SystemInfo:

13:52:54.0420 1284

13:52:54.0420 1284 OS Version: 5.1.2600 ServicePack: 3.0

13:52:54.0420 1284 Product type: Workstation

13:52:54.0420 1284 ComputerName: DESKTOP

13:52:54.0420 1284 UserName: Owner

13:52:54.0420 1284 Windows directory: C:\WINDOWS

13:52:54.0420 1284 System windows directory: C:\WINDOWS

13:52:54.0420 1284 Processor architecture: Intel x86

13:52:54.0420 1284 Number of processors: 1

13:52:54.0420 1284 Page size: 0x1000

13:52:54.0420 1284 Boot type: Normal boot

13:52:54.0420 1284 ============================================================

13:52:56.0748 1284 Initialize success

13:53:18.0310 5300 ============================================================

13:53:18.0310 5300 Scan started

13:53:18.0310 5300 Mode: Manual; SigCheck; TDLFS;

13:53:18.0310 5300 ============================================================

13:53:21.0514 5300 Abiosdsk - ok

13:53:21.0732 5300 abp480n5 - ok

13:53:22.0092 5300 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:53:25.0935 5300 ACPI - ok

13:53:26.0248 5300 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

13:53:26.0420 5300 ACPIEC - ok

13:53:26.0717 5300 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) C:\WINDOWS\system32\DRIVERS\ADM8511.SYS

13:53:27.0045 5300 ADM8511 - ok

13:53:27.0326 5300 adpu160m - ok

13:53:27.0654 5300 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

13:53:27.0951 5300 aec - ok

13:53:28.0279 5300 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

13:53:28.0389 5300 AFD - ok

13:53:28.0623 5300 Aha154x - ok

13:53:28.0857 5300 aic78u2 - ok

13:53:29.0185 5300 aic78xx - ok

13:53:29.0404 5300 AliIde - ok

13:53:29.0623 5300 amsint - ok

13:53:29.0842 5300 asc - ok

13:53:30.0170 5300 asc3350p - ok

13:53:30.0404 5300 asc3550 - ok

13:53:30.0670 5300 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:53:30.0857 5300 AsyncMac - ok

13:53:31.0279 5300 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

13:53:31.0529 5300 atapi - ok

13:53:31.0779 5300 Atdisk - ok

13:53:32.0264 5300 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:53:32.0560 5300 Atmarpc - ok

13:53:32.0810 5300 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

13:53:32.0951 5300 audstub - ok

13:53:33.0201 5300 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

13:53:33.0529 5300 Beep - ok

13:53:33.0795 5300 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

13:53:33.0951 5300 cbidf2k - ok

13:53:34.0217 5300 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

13:53:34.0482 5300 CCDECODE - ok

13:53:34.0717 5300 cd20xrnt - ok

13:53:34.0967 5300 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

13:53:35.0092 5300 Cdaudio - ok

13:53:35.0373 5300 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

13:53:35.0670 5300 Cdfs - ok

13:53:35.0935 5300 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:53:36.0092 5300 Cdrom - ok

13:53:36.0342 5300 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys

13:53:36.0435 5300 cfwids - ok

13:53:36.0764 5300 Changer - ok

13:53:36.0982 5300 CmdIde - ok

13:53:37.0217 5300 Cpqarray - ok

13:53:37.0451 5300 dac2w2k - ok

13:53:37.0670 5300 dac960nt - ok

13:53:38.0014 5300 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

13:53:38.0201 5300 Disk - ok

13:53:38.0732 5300 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

13:53:39.0404 5300 dmboot - ok

13:53:39.0670 5300 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

13:53:39.0873 5300 dmio - ok

13:53:40.0217 5300 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

13:53:40.0342 5300 dmload - ok

13:53:40.0639 5300 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

13:53:40.0795 5300 DMusic - ok

13:53:41.0139 5300 dpti2o - ok

13:53:41.0389 5300 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

13:53:41.0514 5300 drmkaud - ok

13:53:41.0826 5300 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys

13:53:41.0936 5300 E100B - ok

13:53:42.0389 5300 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

13:53:42.0592 5300 Fastfat - ok

13:53:42.0826 5300 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

13:53:42.0982 5300 Fdc - ok

13:53:43.0342 5300 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

13:53:43.0545 5300 Fips - ok

13:53:43.0779 5300 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

13:53:43.0920 5300 Flpydisk - ok

13:53:44.0201 5300 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

13:53:44.0514 5300 FltMgr - ok

13:53:44.0779 5300 fssfltr (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys

13:53:44.0826 5300 fssfltr - ok

13:53:45.0045 5300 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:53:45.0186 5300 Fs_Rec - ok

13:53:45.0576 5300 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:53:45.0748 5300 Ftdisk - ok

13:53:46.0014 5300 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:53:46.0154 5300 Gpc - ok

13:53:46.0451 5300 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

13:53:46.0779 5300 HDAudBus - ok

13:53:47.0076 5300 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

13:53:47.0217 5300 hidusb - ok

13:53:47.0436 5300 hpn - ok

13:53:47.0826 5300 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

13:53:48.0123 5300 HPZid412 - ok

13:53:48.0420 5300 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

13:53:48.0545 5300 HPZipr12 - ok

13:53:48.0936 5300 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

13:53:48.0982 5300 HPZius12 - ok

13:53:49.0326 5300 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

13:53:49.0467 5300 HTTP - ok

13:53:49.0686 5300 i2omgmt - ok

13:53:50.0014 5300 i2omp - ok

13:53:50.0279 5300 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys

13:53:50.0436 5300 i8042prt - ok

13:53:51.0264 5300 ialm (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

13:53:52.0217 5300 ialm - ok

13:53:52.0482 5300 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

13:53:52.0639 5300 Imapi - ok

13:53:52.0857 5300 ini910u - ok

13:53:53.0795 5300 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys

13:53:54.0732 5300 IntelC51 - ok

13:53:55.0170 5300 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys

13:53:55.0717 5300 IntelC52 - ok

13:53:55.0967 5300 IntelC53 (de2686c0e012e6ae24acd6e79eb7ff5d) C:\WINDOWS\system32\DRIVERS\IntelC53.sys

13:53:56.0014 5300 IntelC53 - ok

13:53:56.0279 5300 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

13:53:56.0545 5300 IntelIde - ok

13:53:56.0779 5300 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

13:53:56.0920 5300 intelppm - ok

13:53:57.0170 5300 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

13:53:57.0311 5300 Ip6Fw - ok

13:53:57.0686 5300 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:53:57.0826 5300 IpFilterDriver - ok

13:53:58.0061 5300 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:53:58.0201 5300 IpInIp - ok

13:53:58.0529 5300 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:53:58.0873 5300 IpNat - ok

13:53:59.0154 5300 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:53:59.0311 5300 IPSec - ok

13:53:59.0654 5300 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

13:53:59.0842 5300 IRENUM - ok

13:54:00.0092 5300 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:54:00.0233 5300 isapnp - ok

13:54:00.0483 5300 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:54:00.0639 5300 Kbdclass - ok

13:54:01.0092 5300 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

13:54:01.0233 5300 kbdhid - ok

13:54:01.0545 5300 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

13:54:01.0748 5300 kmixer - ok

13:54:02.0186 5300 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

13:54:02.0279 5300 KSecDD - ok

13:54:02.0498 5300 lbrtfdc - ok

13:54:02.0748 5300 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

13:54:02.0764 5300 MBAMProtector - ok

13:54:03.0248 5300 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys

13:54:03.0295 5300 mfeapfk - ok

13:54:03.0654 5300 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys

13:54:03.0733 5300 mfeavfk - ok

13:54:03.0936 5300 mfeavfk01 - ok

13:54:04.0326 5300 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys

13:54:04.0358 5300 mfebopk - ok

13:54:04.0701 5300 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys

13:54:04.0920 5300 mfefirek - ok

13:54:05.0451 5300 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys

13:54:05.0842 5300 mfehidk - ok

13:54:06.0123 5300 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

13:54:06.0170 5300 mfendisk - ok

13:54:06.0201 5300 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

13:54:06.0217 5300 mfendiskmp - ok

13:54:06.0608 5300 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys

13:54:06.0654 5300 mferkdet - ok

13:54:06.0936 5300 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys

13:54:06.0983 5300 mfetdi2k - ok

13:54:07.0233 5300 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

13:54:07.0264 5300 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

13:54:07.0264 5300 MHNDRV - detected UnsignedFile.Multi.Generic (1)

13:54:07.0623 5300 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

13:54:07.0748 5300 mnmdd - ok

13:54:07.0998 5300 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

13:54:08.0139 5300 Modem - ok

13:54:08.0389 5300 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys

13:54:08.0654 5300 MODEMCSA - ok

13:54:08.0920 5300 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys

13:54:08.0951 5300 mohfilt - ok

13:54:19.0686 5300 NetBT (d826e005fb7006521a4c23855cd077ea) C:\WINDOWS\system32\DRIVERS\netbt.sys

13:54:19.0686 5300 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\netbt.sys. Real md5: d826e005fb7006521a4c23855cd077ea, Fake md5: 74b2b2f5bea5e9a3dc021d685551bd3d

13:54:19.0686 5300 NetBT ( Rootkit.Win32.ZAccess.aml ) - infected

13:54:19.0686 5300 NetBT - detected Rootkit.Win32.ZAccess.aml (0)

13:54:55.0670 5300 ============================================================

13:54:55.0670 5300 Scan finished

13:54:55.0670 5300 ============================================================

13:54:55.0780 3752 Detected object count: 2

13:54:55.0780 3752 Actual detected object count: 2

13:55:18.0530 3752 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

13:55:18.0530 3752 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:55:19.0061 3752 Backup copy found, using it..

13:55:19.0139 3752 C:\WINDOWS\system32\DRIVERS\netbt.sys - will be cured on reboot

13:55:39.0983 3752 NetBT ( Rootkit.Win32.ZAccess.aml ) - User select action: Cure


Seems to be okay now, although I can't be certain if the outgoing IP requests have stopped or not. Internet Explorer seems to be using a normal amount of memory and CPU. I have McAfee scanning currently, and it says it's fixed 15 files infected by viruses out of the ~180,000 it's scanned so far, only 20% done though. No major issues atm though.
