Mbam keeps stopping this IP address from outgoing. It happens about 15 minutes after the hour and seems to make 3 attempts and then stops for another hour. Ran latest version of mbam and it shows no problems. I don't know if possibly there is a virus or not. It does this with the browser closed also. These are the DDS files.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 6/16/2009 4:08:55 PM

System Uptime: 2/10/2012 2:05:04 PM (94 hours ago)

.

Motherboard: Acer | |

Processor: Intel® Atom CPU N270 @ 1.60GHz | CPU | 1596/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 144 GiB total, 129.805 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Atheros AR5007EG Wireless Network Adapter

Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_E008105B&REV_01\4&2803E7C1&0&00E2

Manufacturer: Atheros

Name: Atheros AR5007EG Wireless Network Adapter

PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_E008105B&REV_01\4&2803E7C1&0&00E2

Service: AR5416

.

Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}

Description: Photosmart C6300 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart C6300 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP677: 11/16/2011 1:37:01 PM - System Checkpoint

RP678: 11/17/2011 2:37:01 PM - System Checkpoint

RP679: 11/18/2011 3:35:30 PM - System Checkpoint

RP680: 11/19/2011 4:10:59 PM - System Checkpoint

RP681: 11/20/2011 4:14:55 PM - System Checkpoint

RP682: 11/21/2011 4:52:28 PM - System Checkpoint

RP683: 11/22/2011 5:12:44 PM - System Checkpoint

RP684: 11/23/2011 6:23:29 PM - System Checkpoint

RP685: 11/24/2011 6:44:54 PM - System Checkpoint

RP686: 11/26/2011 7:32:09 AM - System Checkpoint

RP687: 11/27/2011 8:29:20 AM - System Checkpoint

RP688: 11/28/2011 9:22:35 AM - System Checkpoint

RP689: 11/29/2011 1:46:48 PM - System Checkpoint

RP690: 11/30/2011 2:31:15 PM - System Checkpoint

RP691: 12/1/2011 2:35:23 PM - System Checkpoint

RP692: 12/2/2011 3:31:16 PM - System Checkpoint

RP693: 12/3/2011 3:36:25 PM - System Checkpoint

RP694: 12/4/2011 3:45:55 PM - System Checkpoint

RP695: 12/5/2011 4:04:04 PM - System Checkpoint

RP696: 12/6/2011 5:00:45 PM - System Checkpoint

RP697: 12/7/2011 5:56:17 PM - System Checkpoint

RP698: 12/8/2011 7:00:50 PM - System Checkpoint

RP699: 12/9/2011 10:10:23 PM - System Checkpoint

RP700: 12/10/2011 11:55:29 PM - System Checkpoint

RP701: 12/12/2011 7:49:28 AM - System Checkpoint

RP702: 12/13/2011 8:17:53 AM - System Checkpoint

RP703: 12/14/2011 9:10:45 AM - System Checkpoint

RP704: 12/15/2011 12:21:41 AM - Software Distribution Service 3.0

RP705: 12/16/2011 1:00:16 AM - System Checkpoint

RP706: 12/17/2011 10:23:56 AM - System Checkpoint

RP707: 12/18/2011 10:57:30 AM - System Checkpoint

RP708: 12/19/2011 11:47:09 AM - System Checkpoint

RP709: 12/20/2011 12:46:42 PM - System Checkpoint

RP710: 12/21/2011 12:47:47 PM - System Checkpoint

RP711: 12/22/2011 1:20:52 PM - System Checkpoint

RP712: 12/23/2011 2:19:59 PM - System Checkpoint

RP713: 12/24/2011 3:05:15 PM - System Checkpoint

RP714: 12/25/2011 9:05:04 PM - System Checkpoint

RP715: 12/27/2011 12:46:04 PM - System Checkpoint

RP716: 12/28/2011 12:55:36 PM - System Checkpoint

RP717: 12/29/2011 1:33:05 PM - System Checkpoint

RP718: 12/30/2011 2:05:23 PM - System Checkpoint

RP719: 12/31/2011 2:32:59 PM - System Checkpoint

RP720: 1/1/2012 2:43:55 PM - System Checkpoint

RP721: 1/2/2012 3:43:58 PM - System Checkpoint

RP722: 1/3/2012 4:04:50 PM - System Checkpoint

RP723: 1/4/2012 4:17:38 PM - System Checkpoint

RP724: 1/5/2012 4:51:20 PM - System Checkpoint

RP725: 1/5/2012 11:57:17 PM - Software Distribution Service 3.0

RP726: 1/7/2012 7:55:51 AM - System Checkpoint

RP727: 1/8/2012 8:00:13 AM - System Checkpoint

RP728: 1/9/2012 8:00:39 AM - System Checkpoint

RP729: 1/10/2012 8:14:51 AM - System Checkpoint

RP730: 1/11/2012 9:10:25 AM - System Checkpoint

RP731: 1/11/2012 11:59:11 PM - Software Distribution Service 3.0

RP732: 1/13/2012 10:20:32 AM - System Checkpoint

RP733: 1/14/2012 12:04:51 PM - System Checkpoint

RP734: 1/15/2012 1:02:50 PM - System Checkpoint

RP735: 1/16/2012 1:09:42 PM - System Checkpoint

RP736: 1/17/2012 1:31:42 PM - System Checkpoint

RP737: 1/18/2012 2:18:23 PM - System Checkpoint

RP738: 1/19/2012 3:14:24 PM - System Checkpoint

RP739: 1/20/2012 3:58:27 PM - System Checkpoint

RP740: 1/21/2012 4:32:47 PM - System Checkpoint

RP741: 1/22/2012 5:42:28 PM - System Checkpoint

RP742: 1/23/2012 6:19:30 PM - System Checkpoint

RP743: 1/24/2012 6:49:43 PM - System Checkpoint

RP744: 1/25/2012 9:13:29 PM - System Checkpoint

RP745: 1/26/2012 9:57:07 PM - System Checkpoint

RP746: 1/28/2012 10:02:14 AM - System Checkpoint

RP747: 1/29/2012 3:00:16 AM - Software Distribution Service 3.0

RP748: 1/30/2012 3:21:51 AM - System Checkpoint

RP749: 1/31/2012 4:21:51 AM - System Checkpoint

RP750: 2/1/2012 8:24:24 AM - System Checkpoint

RP751: 2/2/2012 8:39:03 AM - System Checkpoint

RP752: 2/3/2012 11:25:59 AM - System Checkpoint

RP753: 2/4/2012 2:46:32 PM - System Checkpoint

RP754: 2/5/2012 3:01:29 PM - System Checkpoint

RP755: 2/6/2012 3:55:26 PM - System Checkpoint

RP756: 2/7/2012 4:34:09 PM - System Checkpoint

RP757: 2/8/2012 5:14:01 PM - System Checkpoint

RP758: 2/9/2012 6:18:37 PM - System Checkpoint

RP759: 2/10/2012 8:15:30 PM - System Checkpoint

RP760: 2/12/2012 1:02:47 AM - System Checkpoint

RP761: 2/13/2012 1:10:51 AM - System Checkpoint

RP762: 2/14/2012 2:10:48 AM - System Checkpoint

.

==== Installed Programs ======================

.

.

2007 Microsoft Office Suite Service Pack 1 (SP1)

32 Bit HP CIO Components Installer

Acer Crystal Eye webcam

Acer ScreenSaver

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0

Atheros for Acer Driver v7.6.0.224_Foxconn Installation Program

Google Earth Plug-in

Google Update Helper

GoToMeeting 4.1.0.366

Hitman Pro 3.5

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Photosmart C6300 All-In-One Driver 12.0 Rel .4

iLinc Client

Intel® Graphics Media Accelerator Driver

InterVideo Register Manager

InterVideo WinDVD

IrfanView (remove only)

Java Auto Updater

Java 6 Update 23

JMicron JMB38X Flash Media Controller

Launch Manager

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office Home and Student 2007 Trial

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Software Update for Web Folders (English) 12

Microsoft Works

Mozilla Firefox 10.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network

OpenOffice.org 3.1

PS_AIO_04_C6300_Software_Min

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Spelling Dictionaries Support For Adobe Reader 9

Synaptics Pointing Device Driver

Toolbox

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Office 2007 (KB946691)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB898461)

Update for Windows XP (KB942763)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Internet Explorer 7

WOT for Internet Explorer

.

==== Event Viewer Messages From Past Week ========

.

2/8/2012 3:10:25 PM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible.

.

==== End Of File ===========================

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_23

Run by Kim at 12:08:42 on 2012-02-14

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.536 [GMT -5:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\Documents and Settings\Kim\Desktop\Tcpview.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

uInternet Connection Wizard,ShellNext = iexplore

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

mRun: [LaunchApp] Alaunch

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE

mRun: [PLFSetL] c:\windows\PLFSetL.exe

mRun: [snp2uvc] c:\windows\vsnp2uvc.exe

mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll

Notify: igfxcui - igfxdev.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\kim\application data\mozilla\firefox\profiles\gk5r9vw6.default\

FF - prefs.js: browser.startup.homepage - WWW.YAHOO.COM

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-7-10 652360]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-7-10 20464]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-10 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-10 136176]

S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-6-16 96856]

.

=============== Created Last 30 ================

.

.

==================== Find3M ====================

.

2012-02-10 03:39:40 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-19 13:13:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe

.

============= FINISH: 12:09:07.34 ===============

Sorry if I got the cart before the horse.


RogueKiller V7.0.4 [02/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Kim [Admin rights]

Mode: Scan -- Date : 02/14/2012 17:58:24

¤¤¤ Bad processes: 1 ¤¤¤

[SUSP PATH] Tcpview.exe -- C:\Documents and Settings\Kim\Desktop\Tcpview.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543216L9A300 +++++

--- User ---

[MBR] 7cb3943294ecd87e39cd94dc8f24b530

[BSP] 0639599f9f10526a8845373803eb7b9b : Acer tatooed MBR Code

Partition table:

0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 4996 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 10233405 | Size: 147628 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


No...nothing to delete!

Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...howtopic=104821

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Post back the log, MrC


0781 3412 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52

18:43:24.0125 3412 ============================================================

18:43:24.0125 3412 Current date / time: 2012/02/14 18:43:24.0125

18:43:24.0125 3412 SystemInfo:

18:43:24.0125 3412

18:43:24.0125 3412 OS Version: 5.1.2600 ServicePack: 3.0

18:43:24.0125 3412 Product type: Workstation

18:43:24.0125 3412 ComputerName: ACER-6E40E97492

18:43:24.0125 3412 UserName: Kim

18:43:24.0125 3412 Windows directory: C:\WINDOWS

18:43:24.0125 3412 System windows directory: C:\WINDOWS

18:43:24.0125 3412 Processor architecture: Intel x86

18:43:24.0125 3412 Number of processors: 2

18:43:24.0125 3412 Page size: 0x1000

18:43:24.0125 3412 Boot type: Normal boot

18:43:24.0125 3412 ============================================================

18:43:25.0984 3412 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:43:25.0984 3412 \Device\Harddisk0\DR0:

18:43:25.0984 3412 MBR used

18:43:25.0984 3412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x12056484

18:43:26.0046 3412 Initialize success

18:43:26.0046 3412 ============================================================

18:43:27.0796 2256 ============================================================

18:43:27.0796 2256 Scan started

18:43:27.0796 2256 Mode: Manual;

18:43:27.0796 2256 ============================================================


18:43:31.0656 2256 DKbFltr - ok

18:43:31.0781 2256 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

18:43:31.0796 2256 dmboot - ok

18:43:31.0921 2256 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

18:43:31.0921 2256 dmio - ok

18:43:32.0000 2256 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

18:43:32.0000 2256 dmload - ok

18:43:32.0109 2256 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

18:43:32.0109 2256 DMusic - ok

18:43:32.0187 2256 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

18:43:32.0203 2256 dpti2o - ok

18:43:32.0296 2256 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

18:43:32.0296 2256 drmkaud - ok

18:43:32.0406 2256 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

18:43:32.0421 2256 Fastfat - ok

18:43:32.0546 2256 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

18:43:32.0546 2256 Fdc - ok

18:43:32.0625 2256 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

18:43:32.0625 2256 Fips - ok

18:43:32.0718 2256 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

18:43:32.0734 2256 Flpydisk - ok

18:43:32.0812 2256 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

18:43:32.0812 2256 FltMgr - ok

18:43:32.0921 2256 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:43:32.0921 2256 Fs_Rec - ok

18:43:33.0015 2256 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:43:33.0015 2256 Ftdisk - ok

18:43:33.0109 2256 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:43:33.0125 2256 Gpc - ok

18:43:33.0218 2256 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:43:33.0234 2256 HDAudBus - ok

18:43:33.0359 2256 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

18:43:33.0359 2256 hpn - ok

18:43:33.0484 2256 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

18:43:33.0500 2256 HTTP - ok

18:43:33.0531 2256 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

18:43:33.0531 2256 i2omgmt - ok

18:43:33.0640 2256 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

18:43:33.0640 2256 i2omp - ok

18:43:33.0734 2256 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:43:33.0734 2256 i8042prt - ok

18:43:34.0046 2256 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

18:43:34.0156 2256 ialm - ok

18:43:34.0281 2256 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

18:43:34.0281 2256 Imapi - ok

18:43:34.0343 2256 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

18:43:34.0343 2256 ini910u - ok

18:43:34.0453 2256 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys

18:43:34.0453 2256 int15.sys - ok

18:43:34.0703 2256 IntcAzAudAddService (19afbb8427ce65042599555e578170df) C:\WINDOWS\system32\drivers\RtkHDAud.sys

18:43:34.0796 2256 IntcAzAudAddService - ok

18:43:34.0968 2256 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

18:43:34.0968 2256 IntelIde - ok

18:43:35.0046 2256 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:43:35.0046 2256 intelppm - ok

18:43:35.0156 2256 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

18:43:35.0156 2256 Ip6Fw - ok

18:43:35.0234 2256 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:43:35.0234 2256 IpFilterDriver - ok

18:43:35.0343 2256 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:43:35.0343 2256 IpInIp - ok

18:43:35.0437 2256 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:43:35.0437 2256 IpNat - ok

18:43:35.0531 2256 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:43:35.0531 2256 IPSec - ok

18:43:35.0562 2256 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

18:43:35.0562 2256 IRENUM - ok

18:43:35.0656 2256 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:43:35.0656 2256 isapnp - ok

18:43:35.0781 2256 JMCR (da971cfc625d13636e04c405948e9d62) C:\WINDOWS\system32\DRIVERS\jmcr.sys

18:43:35.0781 2256 JMCR - ok

18:43:35.0875 2256 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:43:35.0875 2256 Kbdclass - ok

18:43:35.0984 2256 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

18:43:35.0984 2256 kmixer - ok

18:43:36.0078 2256 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

18:43:36.0078 2256 KSecDD - ok

18:43:36.0187 2256 lbrtfdc - ok

18:43:36.0296 2256 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

18:43:36.0312 2256 MBAMProtector - ok

18:43:36.0375 2256 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

18:43:36.0390 2256 MBAMSwissArmy - ok

18:43:36.0437 2256 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

18:43:36.0453 2256 mnmdd - ok

18:43:36.0562 2256 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

18:43:36.0562 2256 Modem - ok

18:43:36.0640 2256 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:43:36.0640 2256 Mouclass - ok

18:43:36.0671 2256 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

18:43:36.0671 2256 MountMgr - ok

18:43:36.0703 2256 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

18:43:36.0703 2256 mraid35x - ok

18:43:36.0796 2256 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:43:36.0796 2256 MRxDAV - ok

18:43:36.0859 2256 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:43:36.0875 2256 MRxSmb - ok

18:43:36.0968 2256 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

18:43:36.0968 2256 Msfs - ok

18:43:37.0015 2256 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:43:37.0015 2256 MSKSSRV - ok

18:43:37.0031 2256 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:43:37.0046 2256 MSPCLOCK - ok

18:43:37.0062 2256 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

18:43:37.0062 2256 MSPQM - ok

18:43:37.0140 2256 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:43:37.0140 2256 mssmbios - ok

18:43:37.0203 2256 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

18:43:37.0203 2256 MSTEE - ok

18:43:37.0250 2256 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

18:43:37.0250 2256 Mup - ok

18:43:37.0328 2256 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

18:43:37.0328 2256 NABTSFEC - ok

18:43:37.0421 2256 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

18:43:37.0421 2256 NDIS - ok

18:43:37.0453 2256 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

18:43:37.0453 2256 NdisIP - ok

18:43:37.0500 2256 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:43:37.0500 2256 NdisTapi - ok

18:43:37.0593 2256 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:43:37.0593 2256 Ndisuio - ok

18:43:37.0640 2256 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:43:37.0640 2256 NdisWan - ok

18:43:37.0687 2256 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

18:43:37.0687 2256 NDProxy - ok

18:43:37.0734 2256 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

18:43:37.0734 2256 NetBIOS - ok

18:43:37.0828 2256 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

18:43:37.0828 2256 NetBT - ok

18:43:37.0953 2256 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

18:43:37.0953 2256 Npfs - ok

18:43:37.0984 2256 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

18:43:38.0000 2256 Ntfs - ok

18:43:38.0125 2256 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

18:43:38.0125 2256 Null - ok

18:43:38.0187 2256 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:43:38.0203 2256 NwlnkFlt - ok

18:43:38.0281 2256 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:43:38.0281 2256 NwlnkFwd - ok

18:43:38.0375 2256 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

18:43:38.0375 2256 Parport - ok

18:43:38.0406 2256 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

18:43:38.0421 2256 PartMgr - ok

18:43:38.0453 2256 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

18:43:38.0453 2256 ParVdm - ok

18:43:38.0468 2256 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

18:43:38.0468 2256 PCI - ok

18:43:38.0500 2256 PCIDump - ok

18:43:38.0531 2256 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

18:43:38.0531 2256 PCIIde - ok

18:43:38.0593 2256 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

18:43:38.0593 2256 Pcmcia - ok

18:43:38.0656 2256 PDCOMP - ok

18:43:38.0687 2256 PDFRAME - ok

18:43:38.0718 2256 PDRELI - ok

18:43:38.0750 2256 PDRFRAME - ok

18:43:38.0796 2256 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

18:43:38.0796 2256 perc2 - ok

18:43:38.0828 2256 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

18:43:38.0828 2256 perc2hib - ok

18:43:39.0000 2256 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:43:39.0000 2256 PptpMiniport - ok

18:43:39.0062 2256 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

18:43:39.0062 2256 PSched - ok

18:43:39.0078 2256 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:43:39.0078 2256 Ptilink - ok

18:43:39.0125 2256 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

18:43:39.0125 2256 ql1080 - ok

18:43:39.0234 2256 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

18:43:39.0234 2256 Ql10wnt - ok

18:43:39.0281 2256 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

18:43:39.0281 2256 ql12160 - ok

18:43:39.0312 2256 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

18:43:39.0312 2256 ql1240 - ok

18:43:39.0375 2256 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

18:43:39.0375 2256 ql1280 - ok

18:43:39.0406 2256 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:43:39.0406 2256 RasAcd - ok

18:43:39.0500 2256 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:43:39.0500 2256 Rasl2tp - ok

18:43:39.0546 2256 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:43:39.0546 2256 RasPppoe - ok

18:43:39.0578 2256 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:43:39.0578 2256 Raspti - ok

18:43:39.0609 2256 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:43:39.0609 2256 Rdbss - ok

18:43:39.0640 2256 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:43:39.0640 2256 RDPCDD - ok

18:43:39.0750 2256 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:43:39.0750 2256 rdpdr - ok

18:43:39.0796 2256 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

18:43:39.0796 2256 RDPWD - ok

18:43:39.0890 2256 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:43:39.0890 2256 redbook - ok

18:43:39.0984 2256 RTLE8023xp (f0a21c62b9b835e1c96268eaae31d239) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

18:43:39.0984 2256 RTLE8023xp - ok

18:43:40.0062 2256 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:43:40.0062 2256 Secdrv - ok

18:43:40.0171 2256 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

18:43:40.0171 2256 Serial - ok

18:43:40.0250 2256 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

18:43:40.0250 2256 Sfloppy - ok

18:43:40.0296 2256 Simbad - ok

18:43:40.0343 2256 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

18:43:40.0343 2256 sisagp - ok

18:43:40.0390 2256 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:43:40.0390 2256 SLIP - ok

18:43:40.0625 2256 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys

18:43:40.0656 2256 SNP2UVC - ok

18:43:40.0781 2256 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

18:43:40.0781 2256 Sparrow - ok

18:43:40.0875 2256 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:43:40.0875 2256 splitter - ok

18:43:40.0984 2256 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

18:43:40.0984 2256 sr - ok

18:43:41.0078 2256 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

18:43:41.0093 2256 Srv - ok

18:43:41.0218 2256 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

18:43:41.0218 2256 StillCam - ok

18:43:41.0312 2256 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

18:43:41.0312 2256 streamip - ok

18:43:41.0406 2256 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

18:43:41.0406 2256 swenum - ok

18:43:41.0453 2256 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

18:43:41.0453 2256 swmidi - ok

18:43:41.0500 2256 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

18:43:41.0500 2256 symc810 - ok

18:43:41.0562 2256 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

18:43:41.0562 2256 symc8xx - ok

18:43:41.0625 2256 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

18:43:41.0625 2256 sym_hi - ok

18:43:41.0687 2256 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

18:43:41.0687 2256 sym_u3 - ok

18:43:41.0734 2256 SynTP (409f7eeb079d6154ccb26a02e6e27844) C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:43:41.0750 2256 SynTP - ok

18:43:41.0796 2256 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

18:43:41.0812 2256 sysaudio - ok

18:43:41.0921 2256 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:43:41.0921 2256 Tcpip - ok

18:43:41.0984 2256 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

18:43:41.0984 2256 TDPIPE - ok

18:43:42.0062 2256 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

18:43:42.0062 2256 TDTCP - ok

18:43:42.0093 2256 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

18:43:42.0093 2256 TermDD - ok

18:43:42.0156 2256 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

18:43:42.0156 2256 TosIde - ok

18:43:42.0234 2256 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

18:43:42.0234 2256 TrueSight - ok

18:43:42.0312 2256 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

18:43:42.0312 2256 Udfs - ok

18:43:42.0390 2256 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

18:43:42.0390 2256 ultra - ok

18:43:42.0468 2256 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

18:43:42.0484 2256 Update - ok

18:43:42.0546 2256 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:43:42.0562 2256 usbccgp - ok

18:43:42.0625 2256 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:43:42.0625 2256 usbehci - ok

18:43:42.0703 2256 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:43:42.0703 2256 usbhub - ok

18:43:42.0765 2256 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:43:42.0781 2256 usbprint - ok

18:43:42.0843 2256 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:43:42.0843 2256 usbscan - ok

18:43:42.0921 2256 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:43:42.0921 2256 USBSTOR - ok

18:43:42.0968 2256 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:43:42.0968 2256 usbuhci - ok

18:43:43.0046 2256 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

18:43:43.0046 2256 VgaSave - ok

18:43:43.0093 2256 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

18:43:43.0093 2256 viaagp - ok

18:43:43.0125 2256 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

18:43:43.0140 2256 ViaIde - ok

18:43:43.0218 2256 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

18:43:43.0218 2256 VolSnap - ok

18:43:43.0328 2256 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:43:43.0328 2256 Wanarp - ok

18:43:43.0359 2256 WDICA - ok

18:43:43.0390 2256 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

18:43:43.0406 2256 wdmaud - ok

18:43:43.0546 2256 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:43:43.0546 2256 WmiAcpi - ok

18:43:43.0640 2256 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

18:43:43.0640 2256 WSTCODEC - ok

18:43:43.0703 2256 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

18:43:51.0093 2256 \Device\Harddisk0\DR0 - ok

18:43:51.0125 2256 Boot (0x1200) (8bb9ec9910c5ff61e7067c45061e938f) \Device\Harddisk0\DR0\Partition0

18:43:51.0125 2256 \Device\Harddisk0\DR0\Partition0 - ok

18:43:51.0125 2256 ============================================================

18:43:51.0125 2256 Scan finished

18:43:51.0125 2256 ============================================================

18:43:51.0156 4056 Detected object count: 0

18:43:51.0156 4056 Actual detected object count: 0

18:44:06.0265 0368 ============================================================

18:44:06.0265 0368 Scan started

18:44:06.0265 0368 Mode: Manual; SigCheck; TDLFS;

18:44:06.0265 0368 ============================================================

18:44:06.0734 0368 Abiosdsk - ok

18:44:06.0828 0368 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

18:44:07.0390 0368 abp480n5 - ok

18:44:07.0500 0368 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:44:07.0796 0368 ACPI - ok

18:44:07.0921 0368 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:44:08.0140 0368 ACPIEC - ok

18:44:08.0281 0368 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

18:44:08.0515 0368 adpu160m - ok

18:44:08.0625 0368 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

18:44:08.0843 0368 aec - ok

18:44:08.0968 0368 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

18:44:09.0015 0368 AFD - ok

18:44:09.0093 0368 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

18:44:09.0406 0368 agp440 - ok

18:44:09.0484 0368 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

18:44:09.0703 0368 agpCPQ - ok

18:44:09.0812 0368 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

18:44:09.0906 0368 Aha154x - ok

18:44:09.0984 0368 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

18:44:10.0187 0368 aic78u2 - ok

18:44:10.0281 0368 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

18:44:10.0562 0368 aic78xx - ok

18:44:10.0671 0368 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

18:44:10.0890 0368 AliIde - ok

18:44:10.0984 0368 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

18:44:11.0218 0368 alim1541 - ok

18:44:11.0250 0368 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

18:44:11.0484 0368 amdagp - ok

18:44:11.0593 0368 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

18:44:11.0687 0368 amsint - ok

18:44:11.0812 0368 AR5416 (7cae93fe5511d0c0688cfa56cf241e31) C:\WINDOWS\system32\DRIVERS\athw.sys

18:44:11.0921 0368 AR5416 - ok

18:44:12.0046 0368 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

18:44:12.0343 0368 asc - ok

18:44:12.0390 0368 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

18:44:12.0468 0368 asc3350p - ok

18:44:12.0484 0368 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

18:44:12.0718 0368 asc3550 - ok

18:44:12.0890 0368 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:44:13.0109 0368 AsyncMac - ok

18:44:13.0203 0368 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

18:44:13.0421 0368 atapi - ok

18:44:13.0500 0368 Atdisk - ok

18:44:13.0562 0368 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:44:13.0796 0368 Atmarpc - ok

18:44:13.0906 0368 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

18:44:14.0171 0368 audstub - ok

18:44:14.0281 0368 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

18:44:14.0500 0368 Beep - ok

18:44:14.0578 0368 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

18:44:14.0812 0368 cbidf - ok

18:44:14.0906 0368 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

18:44:15.0156 0368 cbidf2k - ok

18:44:15.0265 0368 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

18:44:15.0500 0368 CCDECODE - ok

18:44:15.0578 0368 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

18:44:15.0671 0368 cd20xrnt - ok

18:44:15.0781 0368 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

18:44:16.0000 0368 Cdaudio - ok

18:44:16.0093 0368 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

18:44:16.0375 0368 Cdfs - ok

18:44:16.0484 0368 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:44:16.0718 0368 Cdrom - ok

18:44:16.0843 0368 Changer - ok

18:44:16.0953 0368 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:44:17.0250 0368 CmBatt - ok

18:44:17.0296 0368 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

18:44:17.0500 0368 CmdIde - ok

18:44:17.0531 0368 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:44:17.0750 0368 Compbatt - ok

18:44:17.0875 0368 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

18:44:18.0093 0368 Cpqarray - ok

18:44:18.0203 0368 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

18:44:18.0453 0368 dac2w2k - ok

18:44:18.0562 0368 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

18:44:18.0828 0368 dac960nt - ok

18:44:18.0937 0368 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

18:44:19.0140 0368 Disk - ok

18:44:19.0296 0368 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys

18:44:19.0343 0368 DKbFltr - ok

18:44:19.0484 0368 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

18:44:19.0781 0368 dmboot - ok

18:44:19.0906 0368 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

18:44:20.0234 0368 dmio - ok

18:44:20.0359 0368 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

18:44:20.0578 0368 dmload - ok

18:44:20.0640 0368 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

18:44:20.0859 0368 DMusic - ok

18:44:20.0906 0368 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

18:44:21.0140 0368 dpti2o - ok

18:44:21.0250 0368 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

18:44:21.0484 0368 drmkaud - ok

18:44:21.0562 0368 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

18:44:21.0750 0368 Fastfat - ok

18:44:21.0796 0368 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

18:44:22.0015 0368 Fdc - ok

18:44:22.0140 0368 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

18:44:22.0375 0368 Fips - ok

18:44:22.0421 0368 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

18:44:22.0656 0368 Flpydisk - ok

18:44:22.0687 0368 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

18:44:22.0953 0368 FltMgr - ok

18:44:23.0046 0368 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:44:23.0265 0368 Fs_Rec - ok

18:44:23.0312 0368 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:44:23.0562 0368 Ftdisk - ok

18:44:23.0656 0368 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:44:23.0906 0368 Gpc - ok

18:44:23.0984 0368 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:44:24.0250 0368 HDAudBus - ok

18:44:24.0359 0368 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

18:44:24.0593 0368 hpn - ok

18:44:24.0656 0368 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

18:44:24.0703 0368 HTTP - ok

18:44:24.0812 0368 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

18:44:25.0046 0368 i2omgmt - ok

18:44:25.0109 0368 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

18:44:25.0359 0368 i2omp - ok

18:44:25.0406 0368 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:44:25.0609 0368 i8042prt - ok

18:44:25.0921 0368 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

18:44:26.0171 0368 ialm - ok

18:44:26.0296 0368 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

18:44:26.0515 0368 Imapi - ok

18:44:26.0656 0368 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

18:44:26.0875 0368 ini910u - ok

18:44:26.0953 0368 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys

18:44:26.0984 0368 int15.sys ( UnsignedFile.Multi.Generic ) - warning

18:44:26.0984 0368 int15.sys - detected UnsignedFile.Multi.Generic (1)

18:44:27.0265 0368 IntcAzAudAddService (19afbb8427ce65042599555e578170df) C:\WINDOWS\system32\drivers\RtkHDAud.sys

18:44:27.0640 0368 IntcAzAudAddService - ok

18:44:27.0750 0368 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

18:44:28.0062 0368 IntelIde - ok

18:44:28.0156 0368 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:44:28.0359 0368 intelppm - ok

18:44:28.0468 0368 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

18:44:28.0703 0368 Ip6Fw - ok

18:44:28.0781 0368 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:44:29.0031 0368 IpFilterDriver - ok

18:44:29.0156 0368 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:44:29.0375 0368 IpInIp - ok

18:44:29.0468 0368 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:44:29.0703 0368 IpNat - ok

18:44:29.0843 0368 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:44:30.0078 0368 IPSec - ok

18:44:30.0156 0368 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

18:44:30.0265 0368 IRENUM - ok

18:44:30.0421 0368 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:44:30.0687 0368 isapnp - ok

18:44:30.0796 0368 JMCR (da971cfc625d13636e04c405948e9d62) C:\WINDOWS\system32\DRIVERS\jmcr.sys

18:44:30.0859 0368 JMCR - ok

18:44:30.0968 0368 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:44:31.0187 0368 Kbdclass - ok

18:44:31.0312 0368 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

18:44:31.0609 0368 kmixer - ok

18:44:31.0656 0368 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

18:44:31.0687 0368 KSecDD - ok

18:44:31.0796 0368 lbrtfdc - ok

18:44:31.0890 0368 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

18:44:32.0062 0368 MBAMProtector - ok

18:44:32.0203 0368 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

18:44:32.0250 0368 MBAMSwissArmy - ok

18:44:32.0343 0368 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

18:44:32.0625 0368 mnmdd - ok

18:44:32.0734 0368 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

18:44:32.0968 0368 Modem - ok

18:44:33.0015 0368 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:44:33.0250 0368 Mouclass - ok

18:44:33.0359 0368 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

18:44:33.0609 0368 MountMgr - ok

18:44:33.0703 0368 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

18:44:33.0953 0368 mraid35x - ok

18:44:34.0062 0368 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:44:34.0343 0368 MRxDAV - ok

18:44:34.0453 0368 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:44:34.0500 0368 MRxSmb - ok

18:44:34.0640 0368 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

18:44:34.0843 0368 Msfs - ok

18:44:34.0937 0368 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:44:35.0265 0368 MSKSSRV - ok

18:44:35.0312 0368 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:44:35.0625 0368 MSPCLOCK - ok

18:44:35.0718 0368 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

18:44:35.0937 0368 MSPQM - ok

18:44:36.0046 0368 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:44:36.0265 0368 mssmbios - ok

18:44:36.0343 0368 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

18:44:36.0609 0368 MSTEE - ok

18:44:36.0734 0368 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

18:44:36.0781 0368 Mup - ok

18:44:36.0859 0368 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

18:44:37.0125 0368 NABTSFEC - ok

18:44:37.0265 0368 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

18:44:37.0531 0368 NDIS - ok

18:44:37.0625 0368 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

18:44:37.0843 0368 NdisIP - ok

18:44:37.0953 0368 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:44:37.0984 0368 NdisTapi - ok

18:44:38.0046 0368 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:44:38.0265 0368 Ndisuio - ok

18:44:38.0359 0368 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:44:38.0671 0368 NdisWan - ok

18:44:38.0781 0368 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

18:44:38.0796 0368 NDProxy - ok

18:44:38.0906 0368 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

18:44:39.0234 0368 NetBIOS - ok

18:44:39.0312 0368 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

18:44:39.0640 0368 NetBT - ok

18:44:39.0750 0368 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

18:44:39.0984 0368 Npfs - ok

18:44:40.0078 0368 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

18:44:40.0328 0368 Ntfs - ok

18:44:40.0453 0368 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

18:44:40.0671 0368 Null - ok

18:44:40.0812 0368 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:44:41.0015 0368 NwlnkFlt - ok

18:44:41.0078 0368 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:44:41.0296 0368 NwlnkFwd - ok

18:44:41.0359 0368 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

18:44:41.0562 0368 Parport - ok

18:44:41.0640 0368 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

18:44:41.0859 0368 PartMgr - ok

18:44:41.0921 0368 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

18:44:42.0140 0368 ParVdm - ok

18:44:42.0203 0368 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

18:44:42.0437 0368 PCI - ok

18:44:42.0484 0368 PCIDump - ok

18:44:42.0500 0368 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

18:44:42.0734 0368 PCIIde - ok

18:44:42.0828 0368 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

18:44:43.0046 0368 Pcmcia - ok

18:44:43.0093 0368 PDCOMP - ok

18:44:43.0140 0368 PDFRAME - ok

18:44:43.0171 0368 PDRELI - ok

18:44:43.0187 0368 PDRFRAME - ok

18:44:43.0234 0368 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

18:44:43.0515 0368 perc2 - ok

18:44:43.0546 0368 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

18:44:43.0765 0368 perc2hib - ok

18:44:43.0859 0368 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:44:44.0078 0368 PptpMiniport - ok

18:44:44.0203 0368 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

18:44:44.0421 0368 PSched - ok

18:44:44.0484 0368 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:44:44.0703 0368 Ptilink - ok

18:44:44.0765 0368 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

18:44:45.0015 0368 ql1080 - ok

18:44:45.0093 0368 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

18:44:45.0343 0368 Ql10wnt - ok

18:44:45.0421 0368 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

18:44:45.0625 0368 ql12160 - ok

18:44:45.0687 0368 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

18:44:45.0906 0368 ql1240 - ok

18:44:46.0000 0368 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

18:44:46.0203 0368 ql1280 - ok

18:44:46.0250 0368 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:44:46.0468 0368 RasAcd - ok

18:44:46.0593 0368 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:44:46.0796 0368 Rasl2tp - ok

18:44:46.0875 0368 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:44:47.0109 0368 RasPppoe - ok

18:44:47.0156 0368 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:44:47.0390 0368 Raspti - ok

18:44:47.0500 0368 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:44:47.0734 0368 Rdbss - ok

18:44:47.0796 0368 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:44:48.0062 0368 RDPCDD - ok

18:44:48.0203 0368 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:44:48.0421 0368 rdpdr - ok

18:44:48.0500 0368 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

18:44:48.0515 0368 RDPWD - ok

18:44:48.0609 0368 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:44:48.0828 0368 redbook - ok

18:44:48.0937 0368 RTLE8023xp (f0a21c62b9b835e1c96268eaae31d239) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

18:44:49.0015 0368 RTLE8023xp - ok

18:44:49.0125 0368 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:44:49.0250 0368 Secdrv - ok

18:44:49.0328 0368 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

18:44:49.0593 0368 Serial - ok

18:44:49.0703 0368 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

18:44:49.0906 0368 Sfloppy - ok

18:44:49.0984 0368 Simbad - ok

18:44:50.0031 0368 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

18:44:50.0265 0368 sisagp - ok

18:44:50.0343 0368 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:44:50.0609 0368 SLIP - ok

18:44:50.0750 0368 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys

18:44:50.0843 0368 SNP2UVC - ok

18:44:50.0968 0368 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

18:44:51.0078 0368 Sparrow - ok

18:44:51.0125 0368 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:44:51.0375 0368 splitter - ok

18:44:51.0500 0368 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

18:44:51.0593 0368 sr - ok

18:44:51.0718 0368 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

18:44:51.0781 0368 Srv - ok

18:44:51.0906 0368 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

18:44:52.0203 0368 StillCam - ok

18:44:52.0296 0368 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

18:44:52.0515 0368 streamip - ok

18:44:52.0625 0368 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

18:44:52.0859 0368 swenum - ok

18:44:52.0953 0368 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

18:44:53.0156 0368 swmidi - ok

18:44:53.0281 0368 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

18:44:53.0500 0368 symc810 - ok

18:44:53.0546 0368 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

18:44:53.0812 0368 symc8xx - ok

18:44:53.0906 0368 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

18:44:54.0125 0368 sym_hi - ok

18:44:54.0218 0368 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

18:44:54.0421 0368 sym_u3 - ok

18:44:54.0531 0368 SynTP (409f7eeb079d6154ccb26a02e6e27844) C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:44:54.0578 0368 SynTP - ok

18:44:54.0671 0368 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

18:44:54.0890 0368 sysaudio - ok

18:44:55.0046 0368 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:44:55.0109 0368 Tcpip - ok

18:44:55.0171 0368 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

18:44:55.0468 0368 TDPIPE - ok

18:44:55.0562 0368 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

18:44:55.0781 0368 TDTCP - ok

18:44:55.0921 0368 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

18:44:56.0140 0368 TermDD - ok

18:44:56.0250 0368 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

18:44:56.0468 0368 TosIde - ok

18:44:56.0625 0368 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

18:44:56.0656 0368 TrueSight ( UnsignedFile.Multi.Generic ) - warning

18:44:56.0656 0368 TrueSight - detected UnsignedFile.Multi.Generic (1)

18:44:56.0750 0368 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

18:44:56.0968 0368 Udfs - ok

18:44:57.0015 0368 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

18:44:57.0109 0368 ultra - ok

18:44:57.0156 0368 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

18:44:57.0390 0368 Update - ok

18:44:57.0500 0368 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:44:57.0734 0368 usbccgp - ok

18:44:57.0781 0368 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:44:58.0015 0368 usbehci - ok

18:44:58.0109 0368 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:44:58.0375 0368 usbhub - ok

18:44:58.0437 0368 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:44:58.0671 0368 usbprint - ok

18:44:58.0812 0368 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:44:59.0015 0368 usbscan - ok

18:44:59.0078 0368 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:44:59.0359 0368 USBSTOR - ok

18:44:59.0437 0368 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:44:59.0671 0368 usbuhci - ok

18:44:59.0750 0368 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

18:44:59.0937 0368 VgaSave - ok

18:44:59.0984 0368 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

18:45:00.0203 0368 viaagp - ok

18:45:00.0296 0368 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

18:45:00.0500 0368 ViaIde - ok

18:45:00.0562 0368 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

18:45:00.0781 0368 VolSnap - ok

18:45:00.0906 0368 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:45:01.0156 0368 Wanarp - ok

18:45:01.0187 0368 WDICA - ok

18:45:01.0218 0368 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

18:45:01.0484 0368 wdmaud - ok

18:45:01.0625 0368 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:45:01.0828 0368 WmiAcpi - ok

18:45:01.0921 0368 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

18:45:02.0140 0368 WSTCODEC - ok

18:45:02.0218 0368 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

18:45:09.0562 0368 \Device\Harddisk0\DR0 - ok

18:45:09.0593 0368 Boot (0x1200) (8bb9ec9910c5ff61e7067c45061e938f) \Device\Harddisk0\DR0\Partition0

18:45:09.0609 0368 \Device\Harddisk0\DR0\Partition0 - ok

18:45:09.0609 0368 ============================================================

18:45:09.0609 0368 Scan finished

18:45:09.0609 0368 ============================================================

18:45:09.0718 3172 Detected object count: 2

18:45:09.0718 3172 Actual detected object count: 2

19:15:17.0328 3172 int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user

19:15:17.0328 3172 int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:15:17.0343 3172 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

19:15:17.0343 3172 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip


Those files are OK.

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

------------------------

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


ComboFix 12-02-13.01 - Kim 02/14/2012 21:50:38.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.530 [GMT -5:00]

Running from: c:\documents and settings\Kim\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Kim\g2mdlhlpx.exe

c:\windows\Tasks\At1.job

c:\windows\Tasks\At10.job

c:\windows\Tasks\At11.job

c:\windows\Tasks\At12.job

c:\windows\Tasks\At13.job

c:\windows\Tasks\At14.job

c:\windows\Tasks\At15.job

c:\windows\Tasks\At16.job

c:\windows\Tasks\At17.job

c:\windows\Tasks\At18.job

c:\windows\Tasks\At19.job

c:\windows\Tasks\At2.job

c:\windows\Tasks\At20.job

c:\windows\Tasks\At21.job

c:\windows\Tasks\At22.job

c:\windows\Tasks\At23.job

c:\windows\Tasks\At24.job

c:\windows\Tasks\At3.job

c:\windows\Tasks\At4.job

c:\windows\Tasks\At5.job

c:\windows\Tasks\At6.job

c:\windows\Tasks\At7.job

c:\windows\Tasks\At8.job

c:\windows\Tasks\At9.job

.

.

((((((((((((((((((((((((( Files Created from 2012-01-15 to 2012-02-15 )))))))))))))))))))))))))))))))

.

.

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-10 03:39 . 2011-02-09 00:48 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 20:24 . 2009-07-10 13:42 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2008-04-15 03:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 13:25 . 2008-04-15 03:00 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-19 13:13 . 2011-06-21 11:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-18 12:35 . 2008-04-15 03:00 60416 ----a-w- c:\windows\system32\packager.exe

2012-02-14 13:04 . 2011-03-24 23:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]

"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1044480]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-15 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-14 821768]

"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2008-05-22 425984]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-6-4 114688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

.

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/10/2009 8:42 AM 652360]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/10/2009 8:42 AM 20464]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [6/16/2009 3:21 PM 96856]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\documents and settings\Kim\Application Data\Mozilla\Firefox\Profiles\gk5r9vw6.default\

FF - prefs.js: browser.startup.homepage - WWW.YAHOO.COM

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-14 22:01

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]

"Pjadegohe"=hex:37,01,35,03,31,05,47,07,4b,09,48,0b,3a,0d,3a,0f,29,11,57,13,26,

15,23,17,2c,19,5c,1b,28,1d,29,1f,61,21,17,23,11,25,13,27,6d,29,1c,2b,1a,2d,\

.

Completion time: 2012-02-14 22:03:43

ComboFix-quarantined-files.txt 2012-02-15 03:03

.

Pre-Run: 139,317,538,816 bytes free

Post-Run: 139,548,803,072 bytes free

.

- - End Of File - - 77843576BA8A338E26483ACDA2E3820A


Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.15.01

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Kim :: ACER-6E40E97492 [administrator]

Protection: Enabled

2/14/2012 10:25:18 PM

mbam-log-2012-02-14 (22-25-18).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 166269

Time elapsed: 5 minute(s), 33 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


How is it??

It's late where I'm at so I'll see you tomorrow am.

I have to investigate this from your ComboFix log:


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]
"Pjadegohe"=hex:37,01,35,03,31,05,47,07,4b,09,48,0b,3a,0d,3a,0f,29,11,57,13,26,
15,23,17,2c,19,5c,1b,28,1d,29,1f,61,21,17,23,11,25,13,27,6d,29,1c,2b,1a,2d,\

MrC


Regarding this registry entry......do you have any secret or hidden programs on the system?

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]
"Pjadegohe"=hex:37,01,35,03,31,05,47,07,4b,09,48,0b,3a,0d,3a,0f,29,11,57,13,26,
15,23,17,2c,19,5c,1b,28,1d,29,1f,61,21,17,23,11,25,13,27,6d,29,1c,2b,1a,2d,\

--------------------------------

If not we'll use ComboFix to delete it:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

4. If ComboFix wants to update.....please allow it to.

RegLockDel::

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScript.gif

Referring to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC


ComboFix 12-02-13.01 - Kim 02/15/2012 20:22:17.4.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.430 [GMT -5:00]

Running from: c:\documents and settings\Kim\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-01-16 to 2012-02-16 )))))))))))))))))))))))))))))))

.

.

2012-02-16 01:07 . 2012-02-16 01:07 -------- d-----w- c:\windows\LastGood

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-10 03:39 . 2011-02-09 00:48 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 20:24 . 2009-07-10 13:42 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2008-04-15 03:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 13:25 . 2008-04-15 03:00 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-19 13:13 . 2011-06-21 11:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-18 12:35 . 2008-04-15 03:00 60416 ----a-w- c:\windows\system32\packager.exe

2012-02-14 13:04 . 2011-03-24 23:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-15_03.01.46 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-15 04:24 . 2012-02-15 04:24 16384 c:\windows\Temp\Perflib_Perfdata_648.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]

"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1044480]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-15 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-14 821768]

"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2008-05-22 425984]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-6-4 114688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

.

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/10/2009 8:42 AM 652360]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/10/2009 8:42 AM 20464]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [6/16/2009 3:21 PM 96856]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

*Deregistered* - MBAMSwissArmy

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\documents and settings\Kim\Application Data\Mozilla\Firefox\Profiles\gk5r9vw6.default\

FF - prefs.js: browser.startup.homepage - WWW.YAHOO.COM

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-15 20:27

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]

"Pjadegohe"=hex:37,01,35,03,31,05,47,07,4b,09,48,0b,3a,0d,3a,0f,29,11,57,13,26,

15,23,17,2c,19,5c,1b,28,1d,29,1f,61,21,17,23,11,25,13,27,6d,29,1c,2b,1a,2d,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(708)

c:\windows\system32\igfxdev.dll

.

- - - - - - - > 'explorer.exe'(136)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

.

Completion time: 2012-02-15 20:29:55

ComboFix-quarantined-files.txt 2012-02-16 01:29

ComboFix2.txt 2012-02-16 00:43

ComboFix3.txt 2012-02-15 03:03

.

Pre-Run: 140,625,240,064 bytes free

Post-Run: 140,610,330,624 bytes free

.

- - End Of File - - F2FA1BA85F1F2E4A8A9C98767A0279FB


OK, I'm not sure what happened, but you didn't run the ComboFix script:

Running from: c:\documents and settings\Kim\Desktop\ComboFix.exe

--------------------------

Please copy all of the blue text below into notepad:

RegLockDel::

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]

Close out Notepad and save it as CFScript.txt; save it to your desktop, where ComboFix should be.

Now disable all your anti-virus programs, then left-click and hold on CFScript.txt, drag it on top of ComboFix and release.

This will start ComboFix running.

When done, please copy back the log, MrC


ComboFix 12-02-13.01 - Kim 02/15/2012 22:04:51.5.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.441 [GMT -5:00]

Running from: c:\documents and settings\Kim\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Kim\Desktop\CFScript.txt

.

.

((((((((((((((((((((((((( Files Created from 2012-01-16 to 2012-02-16 )))))))))))))))))))))))))))))))

.

.

2012-02-16 01:07 . 2012-02-16 01:07 -------- d-----w- c:\windows\LastGood

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-10 03:39 . 2011-02-09 00:48 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 20:24 . 2009-07-10 13:42 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57 . 2008-04-15 03:00 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 13:25 . 2008-04-15 03:00 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-19 13:13 . 2011-06-21 11:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-18 12:35 . 2008-04-15 03:00 60416 ----a-w- c:\windows\system32\packager.exe

2012-02-14 13:04 . 2011-03-24 23:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-15_03.01.46 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-15 04:24 . 2012-02-15 04:24 16384 c:\windows\Temp\Perflib_Perfdata_648.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]

"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1044480]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-15 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]

"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-14 821768]

"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2008-05-22 425984]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-6-4 114688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

.

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/10/2009 8:42 AM 652360]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/10/2009 8:42 AM 20464]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2010 8:42 AM 136176]

S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [6/16/2009 3:21 PM 96856]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

*Deregistered* - MBAMSwissArmy

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 13:42]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0609&m=aoa150

uInternet Connection Wizard,ShellNext = iexplore

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\documents and settings\Kim\Application Data\Mozilla\Firefox\Profiles\gk5r9vw6.default\

FF - prefs.js: browser.startup.homepage - WWW.YAHOO.COM

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-15 22:10

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Khonokibofaxac]

"Pjadegohe"=hex:37,01,35,03,31,05,47,07,4b,09,48,0b,3a,0d,3a,0f,29,11,57,13,26,

15,23,17,2c,19,5c,1b,28,1d,29,1f,61,21,17,23,11,25,13,27,6d,29,1c,2b,1a,2d,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(708)

c:\windows\system32\igfxdev.dll

.

- - - - - - - > 'explorer.exe'(1096)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

.

Completion time: 2012-02-15 22:12:49

ComboFix-quarantined-files.txt 2012-02-16 03:12

ComboFix2.txt 2012-02-16 01:29

ComboFix3.txt 2012-02-16 00:43

ComboFix4.txt 2012-02-15 03:03

.

Pre-Run: 140,617,506,816 bytes free

Post-Run: 140,602,630,144 bytes free

.

- - End Of File - - EAF013E0B48CF46B76421E6E241916D5
