
Vista Security 2012 keeps appearing on my computer. I've run anti-virus scans and even followed an uninstall guide, but it continues to come back.

Thanks in advance.

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2011.12.24.05

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 7.0.6002.18005

Connie :: CONNIE-PC [administrator]

12/31/2011 1:09:52 PM

mbam-log-2011-12-31 (13-09-52).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 182599

Time elapsed: 7 minute(s), 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\Connie\Local Settings\Application Data\crq.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.

(end)


Welcome to the forum.

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore

  • Press "Scan".

  • It will create a log (FSS.txt) in the same directory the tool is run.

  • Please copy and paste the log to your reply.

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

MrC


Farbar Service Scanner

Ran by Connie (administrator) on 05-01-2012 at 08:09:57

Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:

Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.

Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.

Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

mpsdrv Service is not running. Checking service configuration:

The start type of mpsdrv service is OK.

The ImagePath of mpsdrv service is OK.

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:

The start type of VSS service is OK.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcsvc.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V6.2.2 [12/31/2011] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: Connie [Admin rights]

Mode: Scan -- Date : 01/05/2012 08:12:24

¤¤¤ Bad processes: 2 ¤¤¤

[SUSP PATH] LockStatusTray.exe -- C:\Windows\LockStatusTray.exe -> KILLED [TermProc]

[SUSP PATH] VM305_STI.EXE -- C:\Windows\VM305_STI.EXE -> KILLED [TermProc]

¤¤¤ Registry Entries: 6 ¤¤¤

[SUSP PATH] HKLM\[...]\Run : LockStatusTray (C:\Windows\LockStatusTray.exe) -> FOUND

[SUSP PATH] HKLM\[...]\Run : BigDog305 (C:\Windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] c084bd925bf07d3a5a28e5ba3cd8d738

[BSP] f447cd3dc644cd931fe7f4d39e641310 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 57 Mo

1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 112640 | Size: 10737 Mo

2 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 21084160 | Size: 629338 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>


08:32:27.0994 7692 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

08:32:28.0446 7692 ============================================================

08:32:28.0446 7692 Current date / time: 2012/01/05 08:32:28.0446

08:32:28.0446 7692 SystemInfo:

08:32:28.0446 7692

08:32:28.0446 7692 OS Version: 6.0.6002 ServicePack: 2.0

08:32:28.0446 7692 Product type: Workstation

08:32:28.0446 7692 ComputerName: CONNIE-PC

08:32:28.0446 7692 UserName: Connie

08:32:28.0446 7692 Windows directory: C:\Windows

08:32:28.0446 7692 System windows directory: C:\Windows

08:32:28.0446 7692 Processor architecture: Intel x86

08:32:28.0446 7692 Number of processors: 4

08:32:28.0446 7692 Page size: 0x1000

08:32:28.0446 7692 Boot type: Normal boot

08:32:28.0446 7692 ============================================================

08:32:29.0086 7692 Initialize success

08:33:40.0799 5900 ============================================================

08:33:40.0799 5900 Scan started

08:33:40.0799 5900 Mode: Manual; SigCheck; TDLFS;

08:33:40.0799 5900 ============================================================

08:33:42.0359 5900 61883 (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys

08:33:42.0593 5900 61883 - ok

08:33:42.0889 5900 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

08:33:42.0921 5900 ACPI - ok

08:33:43.0014 5900 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

08:33:43.0045 5900 adp94xx - ok

08:33:43.0077 5900 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

08:33:43.0108 5900 adpahci - ok

08:33:43.0139 5900 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

08:33:43.0155 5900 adpu160m - ok

08:33:43.0186 5900 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

08:33:43.0217 5900 adpu320 - ok

08:33:43.0295 5900 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

08:33:43.0357 5900 AFD - ok

08:33:43.0389 5900 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

08:33:43.0420 5900 agp440 - ok

08:33:43.0435 5900 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

08:33:43.0451 5900 aic78xx - ok

08:33:43.0482 5900 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

08:33:43.0498 5900 aliide - ok

08:33:43.0513 5900 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

08:33:43.0529 5900 amdagp - ok

08:33:43.0576 5900 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

08:33:43.0591 5900 amdide - ok

08:33:43.0623 5900 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

08:33:43.0685 5900 AmdK7 - ok

08:33:43.0716 5900 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

08:33:43.0763 5900 AmdK8 - ok

08:33:43.0825 5900 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

08:33:43.0841 5900 arc - ok

08:33:43.0888 5900 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

08:33:43.0919 5900 arcsas - ok

08:33:43.0950 5900 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

08:33:44.0013 5900 AsyncMac - ok

08:33:44.0044 5900 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

08:33:44.0059 5900 atapi - ok

08:33:44.0106 5900 Avc (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys

08:33:44.0137 5900 Avc - ok

08:33:44.0184 5900 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

08:33:44.0247 5900 Beep - ok

08:33:44.0278 5900 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

08:33:44.0309 5900 blbdrive - ok

08:33:44.0418 5900 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

08:33:44.0481 5900 bowser - ok

08:33:44.0512 5900 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

08:33:44.0621 5900 BrFiltLo - ok

08:33:44.0668 5900 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

08:33:44.0715 5900 BrFiltUp - ok

08:33:44.0746 5900 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

08:33:44.0902 5900 Brserid - ok

08:33:44.0964 5900 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

08:33:45.0042 5900 BrSerWdm - ok

08:33:45.0089 5900 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

08:33:45.0136 5900 BrUsbMdm - ok

08:33:45.0151 5900 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

08:33:45.0214 5900 BrUsbSer - ok

08:33:45.0245 5900 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

08:33:45.0292 5900 BthEnum - ok

08:33:45.0323 5900 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

08:33:45.0401 5900 BTHMODEM - ok

08:33:45.0432 5900 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

08:33:45.0479 5900 BthPan - ok

08:33:45.0573 5900 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys

08:33:45.0697 5900 BTHPORT - ok

08:33:45.0775 5900 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys

08:33:45.0900 5900 BTHUSB - ok

08:33:45.0947 5900 btwaudio (fc23e3a7ae18b02dcc1a34cbef3f80af) C:\Windows\system32\drivers\btwaudio.sys

08:33:46.0009 5900 btwaudio - ok

08:33:46.0009 5900 btwavdt (5e14c92763e51130bfb9a670afd7eddf) C:\Windows\system32\drivers\btwavdt.sys

08:33:46.0181 5900 btwavdt - ok

08:33:46.0228 5900 btwrchid (ac3fd5a3bbfa114098f75b80c4c1f3e7) C:\Windows\system32\DRIVERS\btwrchid.sys

08:33:46.0337 5900 btwrchid - ok

08:33:46.0399 5900 catchme - ok

08:33:46.0446 5900 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

08:33:46.0493 5900 cdfs - ok

08:33:46.0509 5900 cdrom - ok

08:33:46.0571 5900 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys

08:33:46.0649 5900 cfwids - ok

08:33:46.0680 5900 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

08:33:46.0727 5900 circlass - ok

08:33:46.0774 5900 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

08:33:46.0789 5900 CLFS - ok

08:33:46.0867 5900 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

08:33:46.0883 5900 cmdide - ok

08:33:46.0914 5900 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

08:33:46.0945 5900 Compbatt - ok

08:33:46.0961 5900 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

08:33:46.0977 5900 crcdisk - ok

08:33:46.0992 5900 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

08:33:47.0039 5900 Crusoe - ok

08:33:47.0101 5900 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys

08:33:47.0195 5900 CSC - ok

08:33:47.0226 5900 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

08:33:47.0273 5900 DfsC - ok

08:33:47.0304 5900 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

08:33:47.0320 5900 disk - ok

08:33:47.0382 5900 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

08:33:47.0429 5900 Dot4 - ok

08:33:47.0491 5900 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

08:33:47.0523 5900 Dot4Print - ok

08:33:47.0585 5900 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

08:33:47.0616 5900 dot4usb - ok

08:33:47.0647 5900 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

08:33:47.0694 5900 drmkaud - ok

08:33:47.0725 5900 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

08:33:47.0819 5900 DXGKrnl - ok

08:33:47.0881 5900 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

08:33:47.0944 5900 e1express - ok

08:33:47.0991 5900 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

08:33:48.0069 5900 E1G60 - ok

08:33:48.0115 5900 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

08:33:48.0131 5900 Ecache - ok

08:33:48.0162 5900 ElRawDisk (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\elrawdsk.sys

08:33:48.0240 5900 ElRawDisk - ok

08:33:48.0256 5900 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

08:33:48.0287 5900 elxstor - ok

08:33:48.0303 5900 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

08:33:48.0349 5900 ErrDev - ok

08:33:48.0396 5900 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

08:33:48.0443 5900 exfat - ok

08:33:48.0490 5900 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

08:33:48.0521 5900 fastfat - ok

08:33:48.0552 5900 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

08:33:48.0599 5900 fdc - ok

08:33:48.0630 5900 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

08:33:48.0646 5900 FileInfo - ok

08:33:48.0677 5900 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

08:33:48.0708 5900 Filetrace - ok

08:33:48.0786 5900 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

08:33:48.0849 5900 flpydisk - ok

08:33:48.0880 5900 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

08:33:48.0895 5900 FltMgr - ok

08:33:48.0927 5900 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

08:33:48.0973 5900 Fs_Rec - ok

08:33:48.0973 5900 fvevol (fecf4c2e42440a8d132bf94eee3c3fc9) C:\Windows\system32\DRIVERS\fvevol.sys

08:33:48.0989 5900 fvevol - ok

08:33:49.0005 5900 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

08:33:49.0020 5900 gagp30kx - ok

08:33:49.0067 5900 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

08:33:49.0114 5900 GEARAspiWDM - ok

08:33:49.0192 5900 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

08:33:49.0254 5900 HDAudBus - ok

08:33:49.0270 5900 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

08:33:49.0332 5900 HidBth - ok

08:33:49.0348 5900 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

08:33:49.0395 5900 HidIr - ok

08:33:49.0441 5900 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

08:33:49.0473 5900 HidUsb - ok

08:33:49.0504 5900 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

08:33:49.0519 5900 HpCISSs - ok

08:33:49.0551 5900 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

08:33:49.0613 5900 HTTP - ok

08:33:49.0644 5900 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

08:33:49.0660 5900 i2omp - ok

08:33:49.0675 5900 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

08:33:49.0722 5900 i8042prt - ok

08:33:49.0753 5900 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

08:33:49.0769 5900 iaStorV - ok

08:33:49.0816 5900 ICDUSB2 (60b044a221cf76cc6077b0c3e9136cff) C:\Windows\system32\Drivers\ICDUSB2.sys

08:33:49.0909 5900 ICDUSB2 - ok

08:33:49.0941 5900 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

08:33:49.0956 5900 iirsp - ok

08:33:50.0034 5900 IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys

08:33:50.0253 5900 IntcAzAudAddService - ok

08:33:50.0299 5900 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

08:33:50.0315 5900 intelide - ok

08:33:50.0331 5900 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

08:33:50.0377 5900 intelppm - ok

08:33:50.0424 5900 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:33:50.0455 5900 IpFilterDriver - ok

08:33:50.0471 5900 IpInIp - ok

08:33:50.0487 5900 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

08:33:50.0533 5900 IPMIDRV - ok

08:33:50.0549 5900 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

08:33:50.0596 5900 IPNAT - ok

08:33:50.0627 5900 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

08:33:50.0658 5900 IRENUM - ok

08:33:50.0689 5900 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

08:33:50.0705 5900 isapnp - ok

08:33:50.0721 5900 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

08:33:50.0752 5900 iScsiPrt - ok

08:33:50.0767 5900 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

08:33:50.0783 5900 iteatapi - ok

08:33:50.0799 5900 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

08:33:50.0814 5900 iteraid - ok

08:33:50.0845 5900 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

08:33:50.0861 5900 kbdclass - ok

08:33:50.0892 5900 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

08:33:50.0939 5900 kbdhid - ok

08:33:50.0986 5900 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

08:33:51.0017 5900 KSecDD - ok

08:33:51.0111 5900 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys

08:33:51.0189 5900 Lavasoft Kernexplorer - ok

08:33:51.0235 5900 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys

08:33:51.0235 5900 Lbd - ok

08:33:51.0267 5900 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

08:33:51.0298 5900 lltdio - ok

08:33:51.0360 5900 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

08:33:51.0376 5900 LSI_FC - ok

08:33:51.0391 5900 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

08:33:51.0407 5900 LSI_SAS - ok

08:33:51.0423 5900 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

08:33:51.0438 5900 LSI_SCSI - ok

08:33:51.0469 5900 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

08:33:51.0485 5900 luafv - ok

08:33:51.0532 5900 LxrSII1d (59045011f52b81cd411419b558dd50ff) C:\Windows\System32\Drivers\LxrSII1d.sys

08:33:51.0594 5900 LxrSII1d - ok

08:33:51.0688 5900 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

08:33:51.0703 5900 megasas - ok

08:33:51.0719 5900 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

08:33:51.0750 5900 MegaSR - ok

08:33:51.0781 5900 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys

08:33:51.0859 5900 mfeapfk - ok

08:33:51.0906 5900 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys

08:33:52.0015 5900 mfeavfk - ok

08:33:52.0047 5900 mfeavfk01 - ok

08:33:52.0062 5900 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys

08:33:52.0140 5900 mfebopk - ok

08:33:52.0218 5900 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys

08:33:52.0374 5900 mfefirek - ok

08:33:52.0452 5900 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys

08:33:52.0624 5900 mfehidk - ok

08:33:52.0655 5900 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys

08:33:52.0749 5900 mfenlfk - ok

08:33:52.0780 5900 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys

08:33:52.0858 5900 mferkdet - ok

08:33:52.0889 5900 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys

08:33:52.0951 5900 mfewfpk - ok

08:33:52.0983 5900 MOBKFilter (e896775837a8bce436348df460522394) C:\Windows\system32\DRIVERS\MOBK.sys

08:33:53.0092 5900 MOBKFilter - ok

08:33:53.0139 5900 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

08:33:53.0185 5900 Modem - ok

08:33:53.0217 5900 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

08:33:53.0248 5900 monitor - ok

08:33:53.0279 5900 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

08:33:53.0295 5900 mouclass - ok

08:33:53.0295 5900 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

08:33:53.0326 5900 mouhid - ok

08:33:53.0357 5900 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

08:33:53.0373 5900 MountMgr - ok

08:33:53.0419 5900 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

08:33:53.0451 5900 mpio - ok

08:33:53.0482 5900 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

08:33:53.0497 5900 mpsdrv - ok

08:33:53.0529 5900 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

08:33:53.0544 5900 Mraid35x - ok

08:33:53.0622 5900 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

08:33:53.0685 5900 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

08:33:53.0685 5900 MREMP50 - detected UnsignedFile.Multi.Generic (1)

08:33:53.0700 5900 MREMPR5 - ok

08:33:53.0700 5900 MRENDIS5 - ok

08:33:53.0716 5900 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

08:33:53.0763 5900 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

08:33:53.0763 5900 MRESP50 - detected UnsignedFile.Multi.Generic (1)

08:33:53.0809 5900 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

08:33:53.0887 5900 MRxDAV - ok

08:33:53.0934 5900 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

08:33:53.0997 5900 mrxsmb - ok

08:33:54.0059 5900 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:33:54.0090 5900 mrxsmb10 - ok

08:33:54.0137 5900 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:33:54.0153 5900 mrxsmb20 - ok

08:33:54.0184 5900 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

08:33:54.0199 5900 msahci - ok

08:33:54.0215 5900 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

08:33:54.0231 5900 msdsm - ok

08:33:54.0277 5900 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

08:33:54.0309 5900 Msfs - ok

08:33:54.0324 5900 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

08:33:54.0324 5900 msisadrv - ok

08:33:54.0355 5900 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

08:33:54.0387 5900 MSKSSRV - ok

08:33:54.0387 5900 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

08:33:54.0418 5900 MSPCLOCK - ok

08:33:54.0433 5900 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

08:33:54.0465 5900 MSPQM - ok

08:33:54.0511 5900 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

08:33:54.0527 5900 MsRPC - ok

08:33:54.0543 5900 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

08:33:54.0558 5900 mssmbios - ok

08:33:54.0574 5900 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

08:33:54.0621 5900 MSTEE - ok

08:33:54.0636 5900 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

08:33:54.0652 5900 Mup - ok

08:33:54.0699 5900 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

08:33:54.0730 5900 NativeWifiP - ok

08:33:54.0777 5900 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

08:33:54.0823 5900 NDIS - ok

08:33:54.0855 5900 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

08:33:54.0870 5900 NdisTapi - ok

08:33:54.0901 5900 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

08:33:54.0948 5900 Ndisuio - ok

08:33:54.0979 5900 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

08:33:55.0011 5900 NdisWan - ok

08:33:55.0042 5900 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

08:33:55.0089 5900 NDProxy - ok

08:33:55.0182 5900 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

08:33:55.0213 5900 NetBIOS - ok

08:33:55.0276 5900 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

08:33:55.0323 5900 netbt - ok

08:33:55.0385 5900 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

08:33:55.0401 5900 nfrd960 - ok

08:33:55.0432 5900 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

08:33:55.0447 5900 Npfs - ok

08:33:55.0463 5900 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

08:33:55.0494 5900 nsiproxy - ok

08:33:55.0557 5900 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

08:33:55.0588 5900 Ntfs - ok

08:33:55.0635 5900 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

08:33:55.0697 5900 ntrigdigi - ok

08:33:55.0728 5900 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

08:33:55.0775 5900 Null - ok

08:33:55.0822 5900 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys

08:33:55.0947 5900 NVENETFD - ok

08:33:56.0134 5900 nvlddmkm (37ce220413b15f914fffb57cd7fe3d79) C:\Windows\system32\DRIVERS\nvlddmkm.sys

08:33:56.0430 5900 nvlddmkm - ok

08:33:56.0461 5900 NVR0Dev (812f257ed1cd53fcb1f9f9cc910f4809) C:\Windows\nvoclock.sys

08:33:56.0539 5900 NVR0Dev ( UnsignedFile.Multi.Generic ) - warning

08:33:56.0539 5900 NVR0Dev - detected UnsignedFile.Multi.Generic (1)

08:33:56.0555 5900 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

08:33:56.0571 5900 nvraid - ok

08:33:56.0602 5900 nvrd32 (049e81b6fb41c73619ed3fe4df7d8638) C:\Windows\system32\drivers\nvrd32.sys

08:33:56.0602 5900 nvrd32 - ok

08:33:56.0633 5900 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

08:33:56.0649 5900 nvstor - ok

08:33:56.0649 5900 nvstor32 (7eba6c9a0a295b1559efb9062e701218) C:\Windows\system32\drivers\nvstor32.sys

08:33:56.0664 5900 nvstor32 - ok

08:33:56.0695 5900 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

08:33:56.0711 5900 nv_agp - ok

08:33:56.0727 5900 NwlnkFlt - ok

08:33:56.0727 5900 NwlnkFwd - ok

08:34:01.0095 5900 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

08:34:01.0095 5900 TrueSight ( UnsignedFile.Multi.Generic ) - warning

08:34:01.0095 5900 TrueSight - detected UnsignedFile.Multi.Generic (1)

08:34:03.0887 5900 ============================================================

08:34:03.0887 5900 Scan finished

08:34:03.0887 5900 ============================================================

08:34:03.0887 4804 Detected object count: 4

08:34:03.0887 4804 Actual detected object count: 4

08:34:35.0690 4804 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

08:34:35.0690 4804 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:34:35.0706 4804 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

08:34:35.0706 4804 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:34:35.0706 4804 NVR0Dev ( UnsignedFile.Multi.Generic ) - skipped by user

08:34:35.0706 4804 NVR0Dev ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:34:35.0706 4804 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

08:34:35.0706 4804 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

Download aswMBR to your desktop.

http://public.avast.com/~gmerek/aswMBR.exe

Double click the aswMBR.exe to run it.

If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".

Click the "Scan" button to start scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

MrC

aswMBR version 0.9.9.1156 Copyright© 2011 AVAST Software

Run date: 2012-01-05 09:37:24

-----------------------------

09:37:24.453 OS Version: Windows 6.0.6002 Service Pack 2

09:37:24.453 Number of processors: 4 586 0x1707

09:37:24.453 ComputerName: CONNIE-PC UserName: Connie

09:37:27.448 Initialize success

09:38:54.618 AVAST engine defs: 12010500

09:39:47.209 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f

09:39:47.209 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 6

09:39:47.240 Disk 0 MBR read successfully

09:39:47.240 Disk 0 MBR scan

09:39:47.240 Disk 0 Windows VISTA default MBR code

09:39:47.256 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63

09:39:47.256 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640

09:39:47.271 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 600184 MB offset 21084160

09:39:47.287 Disk 0 scanning sectors +1250260992

09:39:47.349 Disk 0 scanning C:\Windows\system32\drivers

09:40:01.374 Service scanning

09:40:03.542 Modules scanning

09:40:07.754 Disk 0 trace - called modules:

09:40:08.285 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys

09:40:08.285 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f775d0]

09:40:08.285 3 CLASSPNP.SYS[807998b3] -> nt!IofCallDriver -> [0x865e0158]

09:40:08.285 5 acpi.sys[806946bc] -> nt!IofCallDriver -> \Device\0000005f[0x865c35f0]

09:40:10.032 AVAST engine scan C:\Windows

09:40:18.347 AVAST engine scan C:\Windows\system32

09:43:02.600 AVAST engine scan C:\Windows\system32\drivers

09:43:16.796 AVAST engine scan C:\Users\Connie

09:53:33.963 File: C:\Users\Connie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\4456791b-4bae104b **INFECTED** Win32:MalOb-GR [Cryp]

10:14:21.799 AVAST engine scan C:\ProgramData

12:25:17.006 Scan finished successfully

12:36:16.756 Disk 0 MBR has been saved successfully to "C:\Users\Connie\Desktop\MBR.dat"

12:36:16.756 The log file has been saved successfully to "C:\Users\Connie\Desktop\aswMBR.txt"

Please clear out your Java cache:

http://www.java.com/en/download/help/plugin_cache.xml

------------------------------

Then.....

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC

I came up with this....

Click "Start," type "msconfig" into the search field and press Enter. The System Configuration window opens.

Click the "Startup" tab in the System Configuration window.

Uncheck the box next to "McAfee Total Protection."

Click "Apply," then "OK."

Restart your computer.

and this:

http://img.photobucket.com/albums/v666/sUBs/mcafee_disable.gif

MrC

Make sure ComboFix is on your desktop.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Go to Start > Run > copy and paste this and hit Enter:

"%userprofile%\desktop\ComboFix.exe" /killall

See if you get any warnings.

MrC

  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
