
Hello Scott! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step; if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something, please ask.
  • Do not install or uninstall any software or hardware while we work on this.
  • Keep me informed about any changes.

Step 1

Please, uninstall the following applications:

  1. Adobe Acrobat 5.0
  2. Adobe Reader 8.2.2

You can read how to do this here:

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, please include these log(s):

  1. MalwareBytes' Anti-Malware log
  2. a new fresh DDS log only


First of all, thank you for the reply:

Here is the MBAM log:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4267

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

07/02/2010 11:31:28 AM

mbam-log-2010-07-02 (11-31-28).txt

Scan type: Quick scan

Objects scanned: 163803

Time elapsed: 12 minute(s), 47 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

04:00:00 lenaes MESSAGE Scheduled scan executed successfully

09:52:06 lenaes MESSAGE Scheduled update executed successfully

09:52:06 lenaes MESSAGE IP Protection stopped

09:52:24 lenaes MESSAGE Database updated successfully

09:52:30 lenaes MESSAGE IP Protection started successfully

Here is the DDS log:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 12/02/2003 2:02:03 PM

System Uptime: 07/01/2010 1:30:23 PM (22 hours ago)

Motherboard: | | P4M266A-8235

Processor: Intel® Pentium® 4 CPU 2.66GHz | Socket 478 | 2664/133mhz

==== Disk Partitions =========================

A: is Removable

C: is FIXED (NTFS) - 37 GiB total, 20.505 GiB free.

D: is CDROM ()

F: is NetworkDisk (NTFS) - 224 GiB total, 206.654 GiB free.

G: is NetworkDisk (NTFS) - 224 GiB total, 206.654 GiB free.

H: is NetworkDisk (NTFS) - 224 GiB total, 206.654 GiB free.

I: is NetworkDisk (NTFS) - 224 GiB total, 206.654 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

3ivx MPEG-4 5.0.3 (remove only)

Adobe Atmosphere Player for Acrobat and Adobe Reader

Adobe Flash Player 10 ActiveX

Adobe Photoshop Album 2.0 Starter Edition

AVG 9.0

Business Contact Manager for Outlook 2003

Compatibility Pack for the 2007 Office system

Connect3

Critical Update for Windows Media Player 11 (KB959772)

Crystal Reports 9 Run-Time Engine

GASB 34 Reporter

HASP4 Device Drivers

HighMAT Extension to Microsoft Windows XP CD Writing Wizard

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format SDK (KB902344)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

HSP56 MR Drivers

INCODE Client

Java Auto Updater

Java 6 Update 20

LAN-Fax Utilities

LogMeIn

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Data Access Components KB870669

Microsoft IntelliPoint 4.1

Microsoft IntelliType Pro 2.2

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Small Business Edition 2003

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Miltel Communications - GALAXYnet

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 6.0 Parser (KB933579)

muvee Plugin 1.0

Pervasive System Analyzer

Pervasive.SQL V8 Workgroup (v8.5)

ProcessGalaxy

ProSavageDDR and Utilities

Quick-TIF 11

Quick-TIF 6.0

Quick-TIF 7.0

Quick-TIF 7.0 (C:\Program Files\qt7\)

Quick-TIF 7.0 (g:\Apps\qt6\)

Quick-TIF 7.0 (g:\Apps\qt7\)

QuickTIF 10

QuickTIF 10 (C:\Program Files\qt10\)

QuickTIF 10 (C:\Program Files\qt10\) #3

QuickTIF 10 (C:\Program Files\qt10\) #4

QuickTIF 10 (C:\Program Files\qt10\) #5

QuickTIF 12.0

QuickTIF 8.0

QuickTIF 9.0

READCENTER

READCENTER Monitor Galaxy

READCENTER Monitor Service

S3Display

S3Gamma2

S3Info2

S3Overlay

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB973346)

SmartNetMonitor for Client

Time Zone Data Update Tool for Microsoft Office Outlook

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows XP (KB951978)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

VIA Audio Driver Setup Program

VIA Rhine-Family Fast-Ethernet Adapter

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Volo View Express

WebEx

WebFldrs XP

Windows Defender Signatures

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Connect

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Player 11

Windows Presentation Foundation

Windows XP Service Pack 3

WinZip

XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

06/28/2010 11:39:08 AM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.

06/28/2010 11:39:03 AM, error: SRService [104] - The System Restore initialization process failed.

06/28/2010 11:38:56 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.

06/28/2010 11:38:56 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

DDS (Ver_10-03-17.01) - NTFSx86

Run by lenaes at 11:33:26.13 on 07/02/2010

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1247.415 [GMT -5:00]

AV: AVG Internet Security Network Edition *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

svchost.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\LogMeIn\x86\LMIGuardian.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe

C:\Program Files\AVG\AVG9\avgam.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\LogMeIn\x86\LMIGuardian.exe

C:\PVSW\Bin\w3dbsmgr.exe

G:\Printkey.exe

C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\LogMeIn\x86\LMIGuardian.exe

C:\Documents and Settings\lenaes\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uStart Page = hxxp://google.com/

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

mRun: [intelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"

mRun: [POINTER] point32.exe

mRun: [JobHisInit] c:\program files\rmclient\JobHisInit.exe

mRun: [MplSetUp] c:\program files\rmclient\MplSetUp.exe

mRun: [VTPreset] VTPreset.exe

mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

mRun: [CountrySelection] pctptt.exe

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\galaxy~1.lnk - c:\galaxynet\magic\mgrntw.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pervas~1.lnk - c:\pvsw\bin\w3dbsmgr.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\readce~1.lnk - c:\windows\installer\{3d1ea1ae-5964-495a-ae96-2052086d71a4}\_08006182ABCC6C3890E4B8.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\shortc~1.lnk - g:\Printkey.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\shortc~2.lnk - c:\program files\badger meter, inc\readcenter monitor galaxy\ReadCenterMonitor1.exe

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37957.5211921296

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

TCP: {E3705978-71E7-438A-9930-C912EE13EAF6} = 192.168.168.2

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: LMIinit - LMIinit.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2010-5-24 25168]

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-4-15 52872]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-15 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-15 29584]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-15 243024]

R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]

R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-22 5897808]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-5-31 12856]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-5-31 47640]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-6-28 304464]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2007-2-28 104000]

R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2010-5-24 122448]

R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2010-5-24 30288]

R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2010-5-24 26192]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-28 20952]

S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-5-24 430152]

S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\35.tmp --> c:\windows\system32\35.tmp [?]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2010-06-30 22:18:23 0 ----a-w- c:\documents and settings\lenaes\defogger_reenable

2010-06-30 14:55:28 0 d-----w- c:\program files\Crystal Decisions

2010-06-28 20:50:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-28 20:50:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-28 20:50:49 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-23 19:25:05 221184 ----a-w- c:\windows\system32\wmpns.dll

2010-06-22 18:15:53 12536 ----a-w- c:\windows\system32\avgrsstx.dll

==================== Find3M ====================

2010-06-22 18:16:08 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-06-22 18:15:17 25168 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys

2010-06-22 18:13:26 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-06-09 13:26:53 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

2010-06-09 13:26:50 87424 ----a-w- c:\windows\system32\LMIinit.dll

2010-06-09 13:26:50 29568 ----a-w- c:\windows\system32\LMIport.dll

2010-05-27 23:55:15 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-05-24 23:57:49 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2010-05-06 15:36:38 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-04-12 22:29:19 411368 ----a-w- c:\windows\system32\deployJava1.dll

2009-04-16 01:34:57 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009041520090416\index.dat

============= FINISH: 11:35:40.65 ===============

The issue still exists. Thanks Again


Please read the following through carefully so that you understand what to do.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK. (If Vista, click on the Vista Orb and copy and paste the following into the Search field. (make sure you include the quotation marks) Then press Ctrl+Shift+Enter.)
    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v
  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • It may ask you to reboot the computer to complete the process. Allow it to do so.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt". Please copy and paste the contents of that file here.


13:36:31:154 4804 TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49

13:36:31:154 4804 ================================================================================

13:36:31:154 4804 SystemInfo:

13:36:31:154 4804 OS Version: 5.1.2600 ServicePack: 3.0

13:36:31:154 4804 Product type: Workstation

13:36:31:154 4804 ComputerName: NEW5

13:36:31:154 4804 UserName: lenaes

13:36:31:154 4804 Windows directory: C:\WINDOWS

13:36:31:154 4804 System windows directory: C:\WINDOWS

13:36:31:154 4804 Processor architecture: Intel x86

13:36:31:154 4804 Number of processors: 1

13:36:31:154 4804 Page size: 0x1000

13:36:31:169 4804 Boot type: Normal boot

13:36:31:185 4804 ================================================================================

13:36:31:701 4804 Initialize success

13:36:31:701 4804

13:36:31:701 4804 Scanning Services ...

13:36:32:091 4804 Raw services enum returned 348 services

13:36:32:107 4804

13:36:32:107 4804 Scanning Drivers ...


13:36:39:904 4804 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\i8042prt.sys. Real md5: 3c9333514a761ad8861bceeadeeba69f, Fake md5: 4a0b06aa8943c1e332520f7440c0aa30

13:36:39:904 4804 File "C:\WINDOWS\system32\DRIVERS\i8042prt.sys" infected by TDSS rootkit ...

13:36:41:279 4804 Backup copy found, using it..

13:36:41:294 4804 will be cured on next reboot

13:36:51:294 4804 Reboot required for cure complete..

13:36:51:779 4804 Cure on reboot scheduled successfully

13:36:51:779 4804

13:36:51:779 4804 Completed

13:36:51:779 4804

13:36:51:779 4804 Results:

13:36:51:779 4804 Registry objects infected / cured / cured on reboot: 0 / 0 / 0

13:36:51:779 4804 File objects infected / cured / cured on reboot: 1 / 0 / 1

13:36:51:779 4804

13:36:51:779 4804 KLMD(ARK) unloaded successfully
