Hi there,

I am another victim of the RootKit.0Access.H virus. As with other posts on this forum, my MalwareBytes (free version) can find the virus but not successfully remove it. I am therefore looking for help to clear out this nasty from my system. I have started a new topic as it seems that the solution to this one is possibly custom case by case.

Per the information in thread http://forums.malwarebytes.org/index.php?showtopic=106088 I have downloaded the latest version of TDSSKiller and run it in the way described. The following is the contents of the log file that it created:

21:41:02.0500 5872 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

21:41:04.0250 5872 ============================================================

21:41:04.0250 5872 Current date / time: 2012/02/21 21:41:04.0250

21:41:04.0250 5872 SystemInfo:

21:41:04.0250 5872

21:41:04.0250 5872 OS Version: 5.1.2600 ServicePack: 3.0

21:41:04.0250 5872 Product type: Workstation

21:41:04.0250 5872 ComputerName: REUBEN

21:41:04.0250 5872 UserName: Graeme Swanson

21:41:04.0250 5872 Windows directory: C:\WINDOWS

21:41:04.0250 5872 System windows directory: C:\WINDOWS

21:41:04.0250 5872 Processor architecture: Intel x86

21:41:04.0250 5872 Number of processors: 2

21:41:04.0250 5872 Page size: 0x1000

21:41:04.0250 5872 Boot type: Normal boot

21:41:04.0250 5872 ============================================================

21:41:24.0578 5872 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

21:41:24.0593 5872 \Device\Harddisk0\DR0:

21:41:24.0593 5872 MBR used

21:41:24.0593 5872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0xD60FD94

21:41:24.0937 5872 Initialize success

21:41:24.0937 5872 ============================================================

21:41:35.0031 5296 ============================================================

21:41:35.0031 5296 Scan started

21:41:35.0031 5296 Mode: Manual; SigCheck; TDLFS;

21:41:35.0031 5296 ============================================================

21:41:36.0234 5296 Abiosdsk - ok

21:41:36.0390 5296 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

21:41:42.0171 5296 abp480n5 - ok

21:41:42.0406 5296 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

21:41:42.0656 5296 ACPI - ok

21:41:42.0687 5296 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

21:41:42.0890 5296 ACPIEC - ok

21:41:42.0953 5296 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

21:41:43.0156 5296 adpu160m - ok

21:41:43.0203 5296 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

21:41:43.0390 5296 aec - ok

21:41:43.0468 5296 AFD (0d602e296ac08711fb4cf1ef896b0685) C:\WINDOWS\System32\drivers\afd.sys

21:41:43.0500 5296 AFD ( Virus.Win32.ZAccess.c ) - infected

21:41:43.0500 5296 AFD - detected Virus.Win32.ZAccess.c (0)

21:41:43.0546 5296 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

21:41:43.0734 5296 agp440 - ok

21:41:43.0796 5296 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

21:41:43.0984 5296 agpCPQ - ok

21:41:44.0031 5296 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

21:41:44.0125 5296 Aha154x - ok

21:41:44.0187 5296 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

21:41:44.0421 5296 aic78u2 - ok

21:41:44.0453 5296 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

21:41:44.0656 5296 aic78xx - ok

21:41:44.0718 5296 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

21:41:44.0921 5296 AliIde - ok

21:41:44.0968 5296 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

21:41:45.0140 5296 alim1541 - ok

21:41:45.0171 5296 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

21:41:45.0375 5296 amdagp - ok

21:41:45.0437 5296 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

21:41:45.0546 5296 AmdK8 - ok

21:41:45.0593 5296 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

21:41:45.0718 5296 amsint - ok

21:41:45.0812 5296 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

21:41:45.0828 5296 APPDRV ( UnsignedFile.Multi.Generic ) - warning

21:41:45.0828 5296 APPDRV - detected UnsignedFile.Multi.Generic (1)

21:41:45.0875 5296 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

21:41:46.0093 5296 asc - ok

21:41:46.0125 5296 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

21:41:46.0234 5296 asc3350p - ok

21:41:46.0281 5296 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

21:41:46.0500 5296 asc3550 - ok

21:41:46.0593 5296 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

21:41:46.0609 5296 ASCTRM ( UnsignedFile.Multi.Generic ) - warning

21:41:46.0609 5296 ASCTRM - detected UnsignedFile.Multi.Generic (1)

21:41:46.0687 5296 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

21:41:46.0859 5296 AsyncMac - ok

21:41:46.0906 5296 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

21:41:47.0093 5296 atapi - ok

21:41:47.0140 5296 Atdisk - ok

21:41:47.0265 5296 ati2mtag (9e050c4e49a26ff181b70bec61ae048e) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

21:41:47.0484 5296 ati2mtag - ok

21:41:47.0562 5296 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

21:41:47.0750 5296 Atmarpc - ok

21:41:47.0781 5296 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

21:41:48.0000 5296 audstub - ok

21:41:48.0046 5296 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

21:41:48.0203 5296 BCM43XX - ok

21:41:48.0343 5296 bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

21:41:48.0421 5296 bcm4sbxp - ok

21:41:48.0468 5296 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

21:41:48.0687 5296 Beep - ok

21:41:48.0718 5296 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

21:41:48.0953 5296 cbidf - ok

21:41:49.0000 5296 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

21:41:49.0171 5296 cbidf2k - ok

21:41:49.0218 5296 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

21:41:49.0343 5296 cd20xrnt - ok

21:41:49.0359 5296 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

21:41:49.0578 5296 Cdaudio - ok

21:41:49.0640 5296 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

21:41:49.0812 5296 Cdfs - ok

21:41:49.0859 5296 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

21:41:50.0015 5296 Cdrom - ok

21:41:50.0093 5296 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys

21:41:50.0359 5296 cfwids - ok

21:41:50.0375 5296 Changer - ok

21:41:50.0406 5296 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

21:41:50.0562 5296 CmBatt - ok

21:41:50.0609 5296 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

21:41:50.0796 5296 CmdIde - ok

21:41:50.0812 5296 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

21:41:51.0000 5296 Compbatt - ok

21:41:51.0125 5296 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

21:41:51.0359 5296 Cpqarray - ok

21:41:51.0468 5296 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

21:41:51.0671 5296 dac2w2k - ok

21:41:51.0703 5296 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

21:41:51.0890 5296 dac960nt - ok

21:41:52.0000 5296 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\WINDOWS\system32\DRIVERS\ssudbus.sys

21:41:52.0015 5296 dg_ssudbus - ok

21:41:52.0031 5296 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

21:41:52.0171 5296 Disk - ok

21:41:52.0250 5296 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS

21:41:52.0265 5296 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0265 5296 DLABOIOM - detected UnsignedFile.Multi.Generic (1)

21:41:52.0281 5296 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

21:41:52.0296 5296 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0296 5296 DLACDBHM - detected UnsignedFile.Multi.Generic (1)

21:41:52.0328 5296 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS

21:41:52.0343 5296 DLADResN ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0343 5296 DLADResN - detected UnsignedFile.Multi.Generic (1)

21:41:52.0390 5296 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

21:41:52.0406 5296 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0406 5296 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)

21:41:52.0421 5296 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

21:41:52.0437 5296 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0437 5296 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)

21:41:52.0453 5296 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS

21:41:52.0468 5296 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0468 5296 DLAPoolM - detected UnsignedFile.Multi.Generic (1)

21:41:52.0484 5296 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS

21:41:52.0500 5296 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0500 5296 DLARTL_N - detected UnsignedFile.Multi.Generic (1)

21:41:52.0515 5296 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

21:41:52.0531 5296 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0531 5296 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)

21:41:52.0546 5296 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

21:41:52.0562 5296 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning

21:41:52.0562 5296 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)

21:41:52.0640 5296 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

21:41:52.0812 5296 dmboot - ok

21:41:52.0890 5296 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

21:41:53.0093 5296 dmio - ok

21:41:53.0109 5296 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

21:41:53.0296 5296 dmload - ok

21:41:53.0343 5296 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

21:41:53.0515 5296 DMusic - ok

21:41:53.0546 5296 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

21:41:53.0750 5296 dpti2o - ok

21:41:53.0796 5296 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

21:41:53.0937 5296 drmkaud - ok

21:41:54.0000 5296 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

21:41:54.0031 5296 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning

21:41:54.0031 5296 DRVMCDB - detected UnsignedFile.Multi.Generic (1)

21:41:54.0046 5296 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

21:41:54.0062 5296 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning

21:41:54.0062 5296 DRVNDDM - detected UnsignedFile.Multi.Generic (1)

21:41:54.0234 5296 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys

21:41:54.0265 5296 DSproct ( UnsignedFile.Multi.Generic ) - warning

21:41:54.0265 5296 DSproct - detected UnsignedFile.Multi.Generic (1)

21:41:54.0343 5296 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys

21:41:54.0546 5296 E100B - ok

21:41:54.0609 5296 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

21:41:54.0765 5296 Fastfat - ok

21:41:54.0812 5296 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

21:41:54.0953 5296 Fdc - ok

21:41:55.0015 5296 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

21:41:55.0171 5296 Fips - ok

21:41:55.0218 5296 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

21:41:55.0375 5296 Flpydisk - ok

21:41:55.0453 5296 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

21:41:55.0625 5296 FltMgr - ok

21:41:55.0703 5296 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

21:41:55.0890 5296 Fs_Rec - ok

21:41:55.0906 5296 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

21:41:56.0109 5296 Ftdisk - ok

21:41:56.0187 5296 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

21:41:56.0359 5296 Gpc - ok

21:41:56.0421 5296 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

21:41:56.0593 5296 HDAudBus - ok

21:41:56.0625 5296 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

21:41:56.0781 5296 HidUsb - ok

21:41:56.0953 5296 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

21:41:57.0187 5296 hpn - ok

21:41:57.0468 5296 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys

21:41:57.0828 5296 HSF_DPV - ok

21:41:57.0921 5296 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys

21:41:58.0015 5296 HSXHWAZL - ok

21:41:58.0125 5296 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

21:41:58.0265 5296 HTTP - ok

21:41:58.0375 5296 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

21:41:58.0531 5296 i2omgmt - ok

21:41:58.0578 5296 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

21:41:58.0750 5296 i2omp - ok

21:41:58.0890 5296 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

21:41:59.0046 5296 i8042prt - ok

21:41:59.0125 5296 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

21:41:59.0281 5296 Imapi - ok

21:41:59.0671 5296 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

21:41:59.0937 5296 ini910u - ok

21:42:00.0109 5296 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

21:42:00.0312 5296 IntelIde - ok

21:42:00.0421 5296 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

21:42:00.0640 5296 intelppm - ok

21:42:00.0718 5296 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

21:42:00.0937 5296 Ip6Fw - ok

21:42:01.0000 5296 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

21:42:01.0250 5296 IpFilterDriver - ok

21:42:01.0359 5296 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

21:42:01.0531 5296 IpInIp - ok

21:42:01.0640 5296 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

21:42:01.0812 5296 IpNat - ok

21:42:01.0859 5296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

21:42:02.0031 5296 IPSec - ok

21:42:02.0109 5296 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

21:42:02.0328 5296 IRENUM - ok

21:42:02.0359 5296 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

21:42:02.0531 5296 isapnp - ok

21:42:02.0593 5296 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

21:42:02.0765 5296 Kbdclass - ok

21:42:02.0812 5296 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

21:42:03.0062 5296 kmixer - ok

21:42:03.0093 5296 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

21:42:03.0281 5296 KSecDD - ok

21:42:03.0296 5296 lbrtfdc - ok

21:42:03.0375 5296 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

21:42:03.0390 5296 MBAMSwissArmy - ok

21:42:03.0562 5296 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

21:42:03.0625 5296 mdmxsdk - ok

21:42:03.0703 5296 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys

21:42:03.0734 5296 mfeapfk - ok

21:42:03.0812 5296 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys

21:42:03.0843 5296 mfeavfk - ok

21:42:03.0859 5296 mfeavfk01 - ok

21:42:03.0921 5296 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys

21:42:03.0937 5296 mfebopk - ok

21:42:04.0015 5296 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys

21:42:04.0046 5296 mfefirek - ok

21:42:04.0140 5296 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys

21:42:04.0187 5296 mfehidk - ok

21:42:04.0203 5296 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

21:42:04.0234 5296 mfendisk - ok

21:42:04.0234 5296 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

21:42:04.0250 5296 mfendiskmp - ok

21:42:04.0343 5296 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys

21:42:04.0359 5296 mferkdet - ok

21:42:04.0421 5296 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys

21:42:04.0437 5296 mfetdi2k - ok

21:42:04.0500 5296 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

21:42:04.0546 5296 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

21:42:04.0546 5296 MHNDRV - detected UnsignedFile.Multi.Generic (1)

21:42:04.0578 5296 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

21:42:04.0765 5296 mnmdd - ok

21:42:04.0859 5296 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

21:42:05.0031 5296 Modem - ok

21:42:05.0093 5296 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

21:42:05.0265 5296 Mouclass - ok

21:42:05.0312 5296 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

21:42:05.0609 5296 mouhid - ok

21:42:05.0656 5296 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

21:42:05.0812 5296 MountMgr - ok

21:42:05.0890 5296 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

21:42:06.0093 5296 mraid35x - ok

21:42:06.0265 5296 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

21:42:06.0312 5296 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

21:42:06.0312 5296 MREMP50 - detected UnsignedFile.Multi.Generic (1)

21:42:06.0343 5296 MREMPR5 - ok

21:42:06.0375 5296 MRENDIS5 - ok

21:42:06.0437 5296 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

21:42:06.0468 5296 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

21:42:06.0468 5296 MRESP50 - detected UnsignedFile.Multi.Generic (1)

21:42:06.0593 5296 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

21:42:06.0765 5296 MRxDAV - ok

21:42:06.0843 5296 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

21:42:07.0015 5296 MRxSmb - ok

21:42:07.0078 5296 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

21:42:08.0453 5296 Msfs - ok

21:42:08.0515 5296 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

21:42:08.0687 5296 MSKSSRV - ok

21:42:08.0796 5296 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

21:42:08.0968 5296 MSPCLOCK - ok

21:42:09.0125 5296 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

21:42:09.0328 5296 MSPQM - ok

21:42:10.0140 5296 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

21:42:10.0703 5296 mssmbios - ok

21:42:10.0859 5296 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

21:42:11.0015 5296 Mup - ok

21:42:11.0078 5296 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

21:42:11.0281 5296 NDIS - ok

21:42:11.0312 5296 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

21:42:11.0484 5296 NdisTapi - ok

21:42:11.0531 5296 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

21:42:11.0734 5296 Ndisuio - ok

21:42:11.0781 5296 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

21:42:11.0937 5296 NdisWan - ok

21:42:12.0140 5296 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

21:42:12.0250 5296 NDProxy - ok

21:42:12.0312 5296 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

21:42:12.0484 5296 NetBIOS - ok

21:42:12.0562 5296 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

21:42:12.0750 5296 NetBT - ok

21:42:12.0812 5296 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

21:42:12.0984 5296 Npfs - ok

21:42:13.0031 5296 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

21:42:13.0218 5296 Ntfs - ok

21:42:13.0281 5296 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

21:42:13.0484 5296 Null - ok

21:42:13.0671 5296 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

21:42:13.0859 5296 nv - ok

21:42:13.0984 5296 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

21:42:14.0187 5296 NwlnkFlt - ok

21:42:14.0234 5296 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

21:42:14.0421 5296 NwlnkFwd - ok

21:42:14.0484 5296 Packet (8f856dae19383bd69db444004d5d4f50) C:\WINDOWS\system32\DRIVERS\packet.sys

21:42:14.0500 5296 Packet ( UnsignedFile.Multi.Generic ) - warning

21:42:14.0500 5296 Packet - detected UnsignedFile.Multi.Generic (1)

21:42:14.0562 5296 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

21:42:14.0750 5296 Parport - ok

21:42:14.0796 5296 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

21:42:14.0968 5296 PartMgr - ok

21:42:15.0000 5296 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

21:42:15.0187 5296 ParVdm - ok

21:42:15.0203 5296 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

21:42:15.0375 5296 PCI - ok

21:42:15.0390 5296 PCIDump - ok

21:42:15.0406 5296 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

21:42:15.0593 5296 PCIIde - ok

21:42:15.0656 5296 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

21:42:15.0812 5296 Pcmcia - ok

21:42:15.0828 5296 PDCOMP - ok

21:42:15.0843 5296 PDFRAME - ok

21:42:15.0843 5296 PDRELI - ok

21:42:15.0859 5296 PDRFRAME - ok

21:42:15.0890 5296 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

21:42:16.0109 5296 perc2 - ok

21:42:16.0140 5296 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

21:42:16.0359 5296 perc2hib - ok

21:42:16.0406 5296 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

21:42:16.0562 5296 PptpMiniport - ok

21:42:16.0593 5296 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

21:42:16.0765 5296 Processor - ok

21:42:16.0781 5296 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

21:42:16.0937 5296 PSched - ok

21:42:16.0953 5296 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

21:42:17.0156 5296 Ptilink - ok

21:42:17.0203 5296 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys

21:42:17.0218 5296 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

21:42:17.0218 5296 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

21:42:17.0296 5296 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

21:42:17.0531 5296 ql1080 - ok

21:42:17.0562 5296 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

21:42:17.0734 5296 Ql10wnt - ok

21:42:17.0750 5296 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

21:42:17.0906 5296 ql12160 - ok

21:42:17.0953 5296 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

21:42:18.0156 5296 ql1240 - ok

21:42:18.0187 5296 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

21:42:18.0375 5296 ql1280 - ok

21:42:18.0640 5296 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys

21:42:18.0656 5296 RapportCerberus_34302 - ok

21:42:18.0843 5296 RapportEI (34992b59780a8a227a9eb54c97dc4608) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys

21:42:18.0859 5296 RapportEI - ok

21:42:18.0937 5296 RapportIaso (dd3e4610de9252a957c5bd19bdf47ac4) c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys

21:42:18.0984 5296 RapportIaso - ok

21:42:19.0125 5296 RapportKELL (a231b5552148ade82ed3dfba25919b75) C:\WINDOWS\system32\Drivers\RapportKELL.sys

21:42:19.0171 5296 RapportKELL - ok

21:42:19.0218 5296 RapportPG (060f8e34707d68178a564935ce4546eb) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

21:42:19.0234 5296 RapportPG - ok

21:42:19.0265 5296 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

21:42:19.0453 5296 RasAcd - ok

21:42:19.0531 5296 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

21:42:19.0750 5296 Rasl2tp - ok

21:42:19.0812 5296 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

21:42:19.0968 5296 RasPppoe - ok

21:42:20.0015 5296 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

21:42:20.0203 5296 Raspti - ok

21:42:20.0250 5296 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

21:42:20.0421 5296 Rdbss - ok

21:42:20.0437 5296 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

21:42:20.0640 5296 RDPCDD - ok

21:42:20.0656 5296 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

21:42:20.0843 5296 rdpdr - ok

21:42:20.0890 5296 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

21:42:21.0046 5296 RDPWD - ok

21:42:21.0078 5296 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

21:42:21.0234 5296 redbook - ok

21:42:21.0265 5296 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

21:42:21.0328 5296 rimmptsk - ok

21:42:21.0421 5296 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

21:42:21.0937 5296 sdbus - ok

21:42:22.0000 5296 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

21:42:22.0171 5296 Secdrv - ok

21:42:22.0218 5296 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

21:42:22.0406 5296 serenum - ok

21:42:22.0453 5296 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

21:42:22.0625 5296 Serial - ok

21:42:22.0671 5296 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

21:42:22.0843 5296 Sfloppy - ok

21:42:22.0859 5296 Simbad - ok

21:42:22.0984 5296 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

21:42:23.0187 5296 sisagp - ok

21:42:23.0265 5296 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

21:42:23.0453 5296 SONYPVU1 - ok

21:42:23.0484 5296 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

21:42:23.0593 5296 Sparrow - ok

21:42:23.0625 5296 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

21:42:23.0765 5296 splitter - ok

21:42:23.0812 5296 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

21:42:23.0984 5296 sr - ok

21:42:24.0062 5296 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

21:42:24.0171 5296 Srv - ok

21:42:24.0250 5296 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

21:42:24.0296 5296 ssudmdm - ok

21:42:24.0421 5296 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys

21:42:24.0640 5296 STHDA - ok

21:42:24.0703 5296 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

21:42:24.0875 5296 swenum - ok

21:42:24.0921 5296 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

21:42:25.0109 5296 swmidi - ok

21:42:25.0171 5296 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

21:42:25.0375 5296 symc810 - ok

21:42:25.0390 5296 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

21:42:25.0656 5296 symc8xx - ok

21:42:25.0703 5296 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

21:42:25.0890 5296 sym_hi - ok

21:42:25.0921 5296 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

21:42:26.0109 5296 sym_u3 - ok

21:42:26.0187 5296 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys

21:42:26.0296 5296 SynTP - ok

21:42:26.0343 5296 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

21:42:26.0515 5296 sysaudio - ok

21:42:26.0609 5296 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

21:42:26.0703 5296 Tcpip - ok

21:42:26.0734 5296 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

21:42:26.0890 5296 TDPIPE - ok

21:42:26.0906 5296 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

21:42:27.0093 5296 TDTCP - ok

21:42:27.0156 5296 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

21:42:27.0312 5296 TermDD - ok

21:42:27.0421 5296 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

21:42:27.0593 5296 TosIde - ok

21:42:27.0671 5296 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

21:42:27.0890 5296 Udfs - ok

21:42:27.0921 5296 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

21:42:28.0015 5296 ultra - ok

21:42:28.0093 5296 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

21:42:28.0328 5296 Update - ok

21:42:28.0406 5296 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

21:42:28.0578 5296 usbccgp - ok

21:42:28.0625 5296 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

21:42:28.0796 5296 usbehci - ok

21:42:28.0812 5296 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

21:42:28.0984 5296 usbhub - ok

21:42:29.0031 5296 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

21:42:29.0187 5296 usbohci - ok

21:42:29.0250 5296 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

21:42:29.0406 5296 usbprint - ok

21:42:29.0421 5296 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

21:42:29.0578 5296 usbscan - ok

21:42:29.0609 5296 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:42:29.0765 5296 USBSTOR - ok

21:42:29.0781 5296 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

21:42:29.0953 5296 usbuhci - ok

21:42:30.0000 5296 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

21:42:30.0171 5296 VgaSave - ok

21:42:30.0218 5296 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

21:42:30.0359 5296 viaagp - ok

21:42:30.0406 5296 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

21:42:30.0578 5296 ViaIde - ok

21:42:30.0609 5296 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

21:42:30.0765 5296 VolSnap - ok

21:42:30.0781 5296 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:42:30.0953 5296 Wanarp - ok

21:42:31.0000 5296 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys

21:42:31.0062 5296 wanatw - ok

21:42:31.0078 5296 WDICA - ok

21:42:31.0125 5296 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

21:42:31.0296 5296 wdmaud - ok

21:42:31.0406 5296 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

21:42:31.0546 5296 winachsf - ok

21:42:31.0656 5296 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

21:42:31.0859 5296 WpdUsb - ok

21:42:31.0953 5296 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:42:32.0031 5296 WudfPf - ok

21:42:32.0062 5296 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:42:32.0125 5296 WudfRd - ok

21:42:32.0171 5296 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0

21:42:32.0312 5296 \Device\Harddisk0\DR0 - ok

21:42:32.0343 5296 Boot (0x1200) (7e0e179fe3b5582b3e1aa4cff718d560) \Device\Harddisk0\DR0\Partition0

21:42:32.0359 5296 \Device\Harddisk0\DR0\Partition0 - ok

21:42:32.0359 5296 ============================================================

21:42:32.0359 5296 Scan finished

21:42:32.0359 5296 ============================================================

21:42:32.0500 5976 Detected object count: 20

21:42:32.0500 5976 Actual detected object count: 20

21:45:27.0875 5976 C:\WINDOWS\System32\drivers\afd.sys - copied to quarantine

21:47:01.0218 5976 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\afd.sys) error 1813

21:47:11.0187 5976 Backup copy found, using it..

21:47:11.0453 5976 C:\WINDOWS\System32\drivers\afd.sys - will be cured on reboot

21:47:55.0343 5976 AFD ( Virus.Win32.ZAccess.c ) - User select action: Cure

21:47:55.0343 5976 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0343 5976 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0359 5976 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0359 5976 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0359 5976 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0359 5976 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0359 5976 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0359 5976 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0359 5976 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0359 5976 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0359 5976 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0359 5976 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0375 5976 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0375 5976 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0390 5976 Packet ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0390 5976 Packet ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:47:55.0406 5976 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

21:47:55.0406 5976 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

22:13:51.0812 5632 Deinitialize success

I have not run ComboFix.exe yet based on the advice on bleepingcomputer.com to only use it if advised to do so by an experienced helper.

Looking forward to your assistance in removing this nasty,

Graeme.


  • Staff

Hello, and welcome to Malwarebytes.

If you think you are infected, here are the steps needed to get your computer cleaned....

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions here (http://www.malwarebytes.org/forums/index.php?showtopic=9573), skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
  • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home)

OPTION 3

If you would like to use our Malwarebytes Premium Services (comprehensive solutions to all your computer support needs, from installation and set-up to troubleshooting and tune-ups), go to our Malwarebytes Premium Services support site here (http://www.malwarebytes.org/premium-support.php)

Please be patient, someone will assist you as soon as possible.

PS: Please use the "ADDREPLY" button instead of other ones when you start replying. :)
