Jump to content

Appear to have a nasty Malware Infection


Recommended Posts

Hello, first of all I feel rather foolish, normally I'm the "go to guy" when something goes wrong with the family laptops pcs and now i've caused a large problem on my own pc.

I'm not sure where the infection came from, It wasn't there before i cooked dinner for the family and when i returned I was having all sorts of problems.

I was not able to run GMER Rootkit Scanner as it bluescreen'd my pc first of all after about 10 minutes, attempting to run again caused it to blue screen instantly.

The malware appeared to disable virtually all helpful functions. regedit, restore etc. It also appears to recognise certain search terms such as "malware infection" when searching in a web browser causing it to divert the page to ebay or false virus scanners.

I managed to re-activate them and run malwarebyte which cleared up a lot of the issues.

I've attached the DDS log, malwarebytes log

Any help would be much much apprecaited.

Anthony

No replies after two days so replying, attaching malwarebyte log

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6776

Windows 6.1.7600 (Safe Mode)

Internet Explorer 8.0.7600.16385

05/06/2011 19:55:39

mbam-log-2011-06-05 (19-55-39).txt

Scan type: Quick scan

Objects scanned: 161234

Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 12

Registry Values Infected: 139

Registry Data Items Infected: 0

Folders Infected: 1

Files Infected: 100

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{B2A123C3-A500-90BD-A120-04B53A2C8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2A123C3-A500-90BD-A120-04B53A2C8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2A123C3-A500-90BD-A120-04B53A2C8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{0554F458-BC72-486D-9AAE-F5D719A933EF} (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\chkavwqhhst.chkavwqhhst.1.0 (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\chkavwqhhst.chkavwqhhst (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$XNTUninstall643$ (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{E178638F-36F7-48D5-B0ED-C653EBF17380} (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\brumavwqhgrm.brumavwqhgrm.1.0 (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\brumavwqhgrm.brumavwqhgrm (Adware.AdRotator) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlpe (Malware.Packer.Gen) -> Value: LvScPiejlpe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlpe (Malware.Packer.Gen) -> Value: LvScPiejlpe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvpe (Malware.Packer.Gen) -> Value: Mqvpe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvpe (Malware.Packer.Gen) -> Value: Mqvpe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlpsc (Malware.Packer.Gen) -> Value: LvScPiejlpsc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlpsc (Malware.Packer.Gen) -> Value: LvScPiejlpsc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqW (Malware.Packer.Gen) -> Value: LvScPiejlqW -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqW (Malware.Packer.Gen) -> Value: LvScPiejlqW -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquta (Malware.Packer.Gen) -> Value: Mquta -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquta (Malware.Packer.Gen) -> Value: Mquta -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqug (Malware.Packer.Gen) -> Value: Mqug -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqug (Malware.Packer.Gen) -> Value: Mqug -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejloc (Malware.Packer.Gen) -> Value: LvScPiejloc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejloc (Malware.Packer.Gen) -> Value: LvScPiejloc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqsuc (Malware.Packer.Gen) -> Value: Mqsuc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqsuc (Malware.Packer.Gen) -> Value: Mqsuc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlo+ (Malware.Packer.Gen) -> Value: LvScPiejlo+ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlo+ (Malware.Packer.Gen) -> Value: LvScPiejlo+ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Malware.Packer.Gen) -> Value: Mquse -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Malware.Packer.Gen) -> Value: Mquse -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlotc (Malware.Packer.Gen) -> Value: LvScPiejlotc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlotc (Malware.Packer.Gen) -> Value: LvScPiejlotc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquwe (Malware.Packer.Gen) -> Value: Mquwe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquwe (Malware.Packer.Gen) -> Value: Mquwe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlub (Malware.Packer.Gen) -> Value: LvScPiejlub -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlub (Malware.Packer.Gen) -> Value: LvScPiejlub -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPc (Malware.Packer.Gen) -> Value: MqvPc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPc (Malware.Packer.Gen) -> Value: MqvPc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqurb (Malware.Packer.Gen) -> Value: Mqurb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqurb (Malware.Packer.Gen) -> Value: Mqurb -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Malware.Packer.Gen) -> Value: MqsZ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Malware.Packer.Gen) -> Value: MqsZ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqqoc (Malware.Packer.Gen) -> Value: Mqqoc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqqoc (Malware.Packer.Gen) -> Value: Mqqoc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqZ (Malware.Packer.Gen) -> Value: LvScPiejlqZ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqZ (Malware.Packer.Gen) -> Value: LvScPiejlqZ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqvc (Malware.Packer.Gen) -> Value: LvScPiejlqvc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqvc (Malware.Packer.Gen) -> Value: LvScPiejlqvc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlna (Malware.Packer.Gen) -> Value: LvScPiejlna -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlna (Malware.Packer.Gen) -> Value: LvScPiejlna -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvre (Malware.Packer.Gen) -> Value: Mqvre -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvre (Malware.Packer.Gen) -> Value: Mqvre -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquxe (Malware.Packer.Gen) -> Value: Mquxe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquxe (Malware.Packer.Gen) -> Value: Mquxe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlupc (Malware.Packer.Gen) -> Value: LvScPiejlupc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlupc (Malware.Packer.Gen) -> Value: LvScPiejlupc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqrMc (Malware.Packer.Gen) -> Value: MqrMc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqrMc (Malware.Packer.Gen) -> Value: MqrMc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlkc (Malware.Packer.Gen) -> Value: LvScPiejlkc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlkc (Malware.Packer.Gen) -> Value: LvScPiejlkc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlbrf (Malware.Packer.Gen) -> Value: LvScPiejlbrf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlbrf (Malware.Packer.Gen) -> Value: LvScPiejlbrf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqf (Malware.Packer.Gen) -> Value: LvScPiejlqf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqf (Malware.Packer.Gen) -> Value: LvScPiejlqf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlq+ (Malware.Packer.Gen) -> Value: LvScPiejlq+ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlq+ (Malware.Packer.Gen) -> Value: LvScPiejlq+ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqrta (Malware.Packer.Gen) -> Value: Mqrta -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqrta (Malware.Packer.Gen) -> Value: Mqrta -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlrxc (Malware.Packer.Gen) -> Value: LvScPiejlrxc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlrxc (Malware.Packer.Gen) -> Value: LvScPiejlrxc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlsPc (Malware.Packer.Gen) -> Value: LvScPiejlsPc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlsPc (Malware.Packer.Gen) -> Value: LvScPiejlsPc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqrtc (Malware.Packer.Gen) -> Value: Mqrtc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqrtc (Malware.Packer.Gen) -> Value: Mqrtc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqe (Malware.Packer.Gen) -> Value: LvScPiejlqe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqe (Malware.Packer.Gen) -> Value: LvScPiejlqe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqruqc (Malware.Packer.Gen) -> Value: Mqruqc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqruqc (Malware.Packer.Gen) -> Value: Mqruqc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqb (Malware.Packer.Gen) -> Value: LvScPiejlqb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqb (Malware.Packer.Gen) -> Value: LvScPiejlqb -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mque (Malware.Packer.Gen) -> Value: Mque -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mque (Malware.Packer.Gen) -> Value: Mque -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqc (Malware.Packer.Gen) -> Value: LvScPiejlqc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqc (Malware.Packer.Gen) -> Value: LvScPiejlqc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlppf (Malware.Packer.Gen) -> Value: LvScPiejlppf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlppf (Malware.Packer.Gen) -> Value: LvScPiejlppf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqse (Malware.Packer.Gen) -> Value: LvScPiejlqse -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlqse (Malware.Packer.Gen) -> Value: LvScPiejlqse -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqqyc (Malware.Packer.Gen) -> Value: Mqqyc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqqyc (Malware.Packer.Gen) -> Value: Mqqyc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlud (Malware.Packer.Gen) -> Value: LvScPiejlud -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlud (Malware.Packer.Gen) -> Value: LvScPiejlud -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlne (Malware.Packer.Gen) -> Value: LvScPiejlne -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlne (Malware.Packer.Gen) -> Value: LvScPiejlne -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejljGc (Malware.Packer.Gen) -> Value: LvScPiejljGc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejljGc (Malware.Packer.Gen) -> Value: LvScPiejljGc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlhb (Malware.Packer.Gen) -> Value: LvScPiejlhb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlhb (Malware.Packer.Gen) -> Value: LvScPiejlhb -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlora (Malware.Packer.Gen) -> Value: LvScPiejlora -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlora (Malware.Packer.Gen) -> Value: LvScPiejlora -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqtw+ (Malware.Packer.Gen) -> Value: Mqtw+ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqtw+ (Malware.Packer.Gen) -> Value: Mqtw+ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqva (Malware.Packer.Gen) -> Value: Mqva -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqva (Malware.Packer.Gen) -> Value: Mqva -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlk+ (Malware.Packer.Gen) -> Value: LvScPiejlk+ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlk+ (Malware.Packer.Gen) -> Value: LvScPiejlk+ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvsc (Malware.Packer.Gen) -> Value: Mqvsc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqvsc (Malware.Packer.Gen) -> Value: Mqvsc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlprc (Malware.Packer.Gen) -> Value: LvScPiejlprc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlprc (Malware.Packer.Gen) -> Value: LvScPiejlprc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqqZ (Malware.Packer.Gen) -> Value: MqqZ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqqZ (Malware.Packer.Gen) -> Value: MqqZ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquvc (Malware.Packer.Gen) -> Value: Mquvc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquvc (Malware.Packer.Gen) -> Value: Mquvc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlmc (Malware.Packer.Gen) -> Value: LvScPiejlmc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvScPiejlmc (Malware.Packer.Gen) -> Value: LvScPiejlmc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqpe (Malware.Packer.Gen) -> Value: Mqpe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqpe (Malware.Packer.Gen) -> Value: Mqpe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqutc (Malware.Packer.Gen) -> Value: Mqutc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqutc (Malware.Packer.Gen) -> Value: Mqutc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquuf (Malware.Packer.Gen) -> Value: Mquuf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquuf (Malware.Packer.Gen) -> Value: Mquuf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqstc (Malware.Packer.Gen) -> Value: Mqstc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqstc (Malware.Packer.Gen) -> Value: Mqstc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqpSc (Malware.Packer.Gen) -> Value: MqpSc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqpSc (Malware.Packer.Gen) -> Value: MqpSc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPb (Malware.Packer.Gen) -> Value: MqmPb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPb (Malware.Packer.Gen) -> Value: MqmPb -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwpc (Malware.Packer.Gen) -> Value: MqmPwpc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwpc (Malware.Packer.Gen) -> Value: MqmPwpc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqsrc (Malware.Packer.Gen) -> Value: Mqsrc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqsrc (Malware.Packer.Gen) -> Value: Mqsrc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtpf (Malware.Packer.Gen) -> Value: MqmPtpf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtpf (Malware.Packer.Gen) -> Value: MqmPtpf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwg (Malware.Packer.Gen) -> Value: MqmPwg -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwg (Malware.Packer.Gen) -> Value: MqmPwg -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwe (Malware.Packer.Gen) -> Value: MqmPwe -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwe (Malware.Packer.Gen) -> Value: MqmPwe -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPrc (Malware.Packer.Gen) -> Value: MqmPrc -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPrc (Malware.Packer.Gen) -> Value: MqmPrc -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPf (Malware.Packer.Gen) -> Value: MqmPf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPf (Malware.Packer.Gen) -> Value: MqmPf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPvZ (Malware.Packer.Gen) -> Value: MqmPvZ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPvZ (Malware.Packer.Gen) -> Value: MqmPvZ -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4ECYTQ9SIC (Trojan.Downloader) -> Value: 4ECYTQ9SIC -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Value: WINID -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Value: idstrf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Value: NoFolderOptions -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bipro (Trojan.Agent.Gen) -> Value: bipro -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\Windows\$xntuninstall643$ (Adware.AdRotator) -> Quarantined and deleted successfully.

Files Infected:

c:\Users\koultunami\AppData\Local\Temp\csrss.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\winamp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\taskmgr.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\drweb.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\services.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\smss.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\avp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\lsass.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\avp32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\svchost.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\hexdump.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\sysmgm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\sysmgm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\win32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\taskmgr.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\mdm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\debug.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\msmgm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\wininst.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\login.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\wininst.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\system.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\sysedit.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\gdi32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\cmd.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\oj9ubgor.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\user.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\win16.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\install.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\spoolsv.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\nvsvc32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\hexdump.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\setup.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\iexplarer.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\winamp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\user.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\win.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\services.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\winlogon.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\csrss.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\system.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\lsass.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\jbe279w.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\debug.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\iexplarer.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\nvsvc32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\win.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\gdi32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\winlogon.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\install.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\cmd.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\setup.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\mdm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\avp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\sysedit.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\spoolsv.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\msmgm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\avp32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\mdm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\services.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\login.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\iexplarer.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\spoolsv.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\setup.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\winamp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\win.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\install.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\Vm1.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\System32\rvdm8su.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.

c:\programdata\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\1107785648.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\125041760.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\1471813056.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\2232193648.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\2543225056.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\3.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\3156862944.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\3248649648.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\4044422944.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\483725648.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\dagqyv.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\gymcnq6neuqsdj3.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\kocu21izhviy2.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\svchost.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\Vm0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\Vm2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\Vm3.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Users\koultunami\AppData\Local\Temp\win32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\1806689760.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Windows\Temp\dgfn\setup.exe (Adware.BHO) -> Quarantined and deleted successfully.

c:\Windows\Vnodoa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\win16.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\koultunami\local settings\temporary internet files\udRemove.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.

c:\Windows\$xntuninstall643$\wktly.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

c:\Windows\$xntuninstall643$\apuninstall.exe (Adware.AdRotator) -> Quarantined and deleted successfully.

c:\Windows\$xntuninstall643$\buomo.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

c:\Windows\$xntuninstall643$\zrpt.xml (Adware.AdRotator) -> Quarantined and deleted successfully.

c:\Users\koultunami\downloads\explorer.exe.crdownload (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Attach.zip

Link to post
Share on other sites

:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

Hello LDTate and thank you for replying, below is my TDSSKiller log

2011/06/09 16:56:53.0392 5208 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48

2011/06/09 16:56:53.0548 5208 ================================================================================

2011/06/09 16:56:53.0548 5208 SystemInfo:

2011/06/09 16:56:53.0548 5208

2011/06/09 16:56:53.0548 5208 OS Version: 6.1.7600 ServicePack: 0.0

2011/06/09 16:56:53.0548 5208 Product type: Workstation

2011/06/09 16:56:53.0548 5208 ComputerName: JESSICA

2011/06/09 16:56:53.0548 5208 UserName: Koultunami

2011/06/09 16:56:53.0548 5208 Windows directory: C:\Windows

2011/06/09 16:56:53.0548 5208 System windows directory: C:\Windows

2011/06/09 16:56:53.0548 5208 Processor architecture: Intel x86

2011/06/09 16:56:53.0548 5208 Number of processors: 4

2011/06/09 16:56:53.0548 5208 Page size: 0x1000

2011/06/09 16:56:53.0548 5208 Boot type: Normal boot

2011/06/09 16:56:53.0548 5208 ================================================================================

2011/06/09 16:56:54.0313 5208 Initialize success

2011/06/09 16:57:04.0952 3572 ================================================================================

2011/06/09 16:57:04.0952 3572 Scan started

2011/06/09 16:57:04.0952 3572 Mode: Manual;

2011/06/09 16:57:04.0952 3572 ================================================================================

2011/06/09 16:57:05.0857 3572 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys

2011/06/09 16:57:05.0903 3572 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys

2011/06/09 16:57:05.0935 3572 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys

2011/06/09 16:57:05.0981 3572 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

2011/06/09 16:57:06.0028 3572 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

2011/06/09 16:57:06.0059 3572 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

2011/06/09 16:57:06.0106 3572 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys

2011/06/09 16:57:06.0137 3572 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys

2011/06/09 16:57:06.0184 3572 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

2011/06/09 16:57:06.0215 3572 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys

2011/06/09 16:57:06.0247 3572 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys

2011/06/09 16:57:06.0262 3572 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys

2011/06/09 16:57:06.0309 3572 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

2011/06/09 16:57:06.0387 3572 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys

2011/06/09 16:57:06.0418 3572 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

2011/06/09 16:57:06.0449 3572 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys

2011/06/09 16:57:06.0496 3572 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

2011/06/09 16:57:06.0527 3572 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys

2011/06/09 16:57:06.0574 3572 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys

2011/06/09 16:57:06.0652 3572 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

2011/06/09 16:57:06.0683 3572 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

2011/06/09 16:57:06.0761 3572 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\Windows\system32\drivers\aswFsBlk.sys

2011/06/09 16:57:06.0839 3572 aswMonFlt (9bdc8e9ce17b773f69d2c6696c768c4f) C:\Windows\system32\drivers\aswMonFlt.sys

2011/06/09 16:57:06.0855 3572 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\Windows\system32\drivers\aswRdr.sys

2011/06/09 16:57:06.0949 3572 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\Windows\system32\drivers\aswSnx.sys

2011/06/09 16:57:07.0058 3572 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\Windows\system32\drivers\aswSP.sys

2011/06/09 16:57:07.0120 3572 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\Windows\system32\drivers\aswTdi.sys

2011/06/09 16:57:07.0167 3572 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/06/09 16:57:07.0245 3572 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys

2011/06/09 16:57:07.0339 3572 athur (d79a49fc67421c7bb7dcbd188a442288) C:\Windows\system32\DRIVERS\athur.sys

2011/06/09 16:57:07.0463 3572 atksgt (70f72c50d39f5afa76c17f86223a7c4f) C:\Windows\system32\DRIVERS\atksgt.sys

2011/06/09 16:57:07.0573 3572 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys

2011/06/09 16:57:07.0619 3572 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys

2011/06/09 16:57:07.0666 3572 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

2011/06/09 16:57:07.0697 3572 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

2011/06/09 16:57:07.0744 3572 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

2011/06/09 16:57:07.0791 3572 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

2011/06/09 16:57:07.0869 3572 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys

2011/06/09 16:57:07.0900 3572 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

2011/06/09 16:57:07.0931 3572 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

2011/06/09 16:57:07.0963 3572 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

2011/06/09 16:57:07.0994 3572 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/06/09 16:57:08.0009 3572 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/06/09 16:57:08.0041 3572 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/06/09 16:57:08.0072 3572 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

2011/06/09 16:57:08.0181 3572 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

2011/06/09 16:57:08.0243 3572 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys

2011/06/09 16:57:08.0275 3572 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

2011/06/09 16:57:08.0306 3572 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

2011/06/09 16:57:08.0353 3572 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/06/09 16:57:08.0368 3572 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys

2011/06/09 16:57:08.0415 3572 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys

2011/06/09 16:57:08.0446 3572 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

2011/06/09 16:57:08.0477 3572 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys

2011/06/09 16:57:08.0509 3572 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

2011/06/09 16:57:08.0571 3572 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys

2011/06/09 16:57:08.0633 3572 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys

2011/06/09 16:57:08.0727 3572 CVPNDRVA (26deef07394624247d1f549bd94f0b15) C:\Windows\system32\Drivers\CVPNDRVA.sys

2011/06/09 16:57:08.0789 3572 DCamUSBSQTECH (100ff3d9e16afb3163bd6f9aaaab7c55) C:\Windows\system32\Drivers\SQcaptur.sys

2011/06/09 16:57:08.0836 3572 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys

2011/06/09 16:57:08.0867 3572 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

2011/06/09 16:57:08.0930 3572 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

2011/06/09 16:57:08.0992 3572 DNE (7b4fdfbe97c047175e613aa96f3de987) C:\Windows\system32\DRIVERS\dne2000.sys

2011/06/09 16:57:09.0055 3572 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

2011/06/09 16:57:09.0133 3572 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys

2011/06/09 16:57:09.0289 3572 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

2011/06/09 16:57:09.0429 3572 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

2011/06/09 16:57:09.0460 3572 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys

2011/06/09 16:57:09.0507 3572 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

2011/06/09 16:57:09.0538 3572 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

2011/06/09 16:57:09.0569 3572 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

2011/06/09 16:57:09.0601 3572 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

2011/06/09 16:57:09.0616 3572 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

2011/06/09 16:57:09.0647 3572 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/06/09 16:57:09.0694 3572 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

2011/06/09 16:57:09.0725 3572 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

2011/06/09 16:57:09.0741 3572 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

2011/06/09 16:57:09.0788 3572 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys

2011/06/09 16:57:09.0835 3572 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

2011/06/09 16:57:09.0897 3572 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2011/06/09 16:57:09.0991 3572 glancedrv (1e6c235714a42b2edc0cfa93d0ea66d3) C:\Windows\system32\DRIVERS\glancedrv.sys

2011/06/09 16:57:10.0053 3572 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys

2011/06/09 16:57:10.0100 3572 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

2011/06/09 16:57:10.0147 3572 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys

2011/06/09 16:57:10.0193 3572 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/06/09 16:57:10.0209 3572 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

2011/06/09 16:57:10.0240 3572 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

2011/06/09 16:57:10.0271 3572 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

2011/06/09 16:57:10.0318 3572 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys

2011/06/09 16:57:10.0365 3572 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys

2011/06/09 16:57:10.0412 3572 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys

2011/06/09 16:57:10.0443 3572 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys

2011/06/09 16:57:10.0474 3572 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/06/09 16:57:10.0505 3572 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys

2011/06/09 16:57:10.0552 3572 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

2011/06/09 16:57:10.0583 3572 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys

2011/06/09 16:57:10.0630 3572 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

2011/06/09 16:57:10.0661 3572 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/06/09 16:57:10.0708 3572 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys

2011/06/09 16:57:10.0724 3572 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

2011/06/09 16:57:10.0786 3572 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

2011/06/09 16:57:10.0817 3572 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys

2011/06/09 16:57:10.0833 3572 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/06/09 16:57:10.0880 3572 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/06/09 16:57:10.0911 3572 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/06/09 16:57:10.0942 3572 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys

2011/06/09 16:57:10.0989 3572 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys

2011/06/09 16:57:11.0083 3572 LGBusEnum (170e7093a77ad586f3a012a3db651d94) C:\Windows\system32\drivers\LGBusEnum.sys

2011/06/09 16:57:11.0098 3572 LGVirHid (d2dd04d1c8df65eecd1f2c7fb947d43e) C:\Windows\system32\drivers\LGVirHid.sys

2011/06/09 16:57:11.0176 3572 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys

2011/06/09 16:57:11.0223 3572 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

2011/06/09 16:57:11.0270 3572 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

2011/06/09 16:57:11.0301 3572 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

2011/06/09 16:57:11.0317 3572 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

2011/06/09 16:57:11.0348 3572 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

2011/06/09 16:57:11.0379 3572 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

2011/06/09 16:57:11.0441 3572 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

2011/06/09 16:57:11.0473 3572 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

2011/06/09 16:57:11.0519 3572 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

2011/06/09 16:57:11.0582 3572 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

2011/06/09 16:57:11.0613 3572 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

2011/06/09 16:57:11.0644 3572 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

2011/06/09 16:57:11.0675 3572 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

2011/06/09 16:57:11.0753 3572 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys

2011/06/09 16:57:11.0785 3572 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

2011/06/09 16:57:11.0972 3572 MpKsle90f38e0 (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF544BF0-0E73-4452-9ACA-42795E058EB3}\MpKsle90f38e0.sys

2011/06/09 16:57:12.0128 3572 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys

2011/06/09 16:57:12.0175 3572 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

2011/06/09 16:57:12.0206 3572 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

2011/06/09 16:57:12.0253 3572 mrxsmb (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/06/09 16:57:12.0284 3572 mrxsmb10 (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/06/09 16:57:12.0331 3572 mrxsmb20 (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/06/09 16:57:12.0362 3572 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys

2011/06/09 16:57:12.0393 3572 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

2011/06/09 16:57:12.0424 3572 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

2011/06/09 16:57:12.0455 3572 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

2011/06/09 16:57:12.0471 3572 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

2011/06/09 16:57:12.0518 3572 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

2011/06/09 16:57:12.0565 3572 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/06/09 16:57:12.0580 3572 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

2011/06/09 16:57:12.0611 3572 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

2011/06/09 16:57:12.0643 3572 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/06/09 16:57:12.0658 3572 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

2011/06/09 16:57:12.0689 3572 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

2011/06/09 16:57:12.0705 3572 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

2011/06/09 16:57:12.0767 3572 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

2011/06/09 16:57:12.0814 3572 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

2011/06/09 16:57:12.0861 3572 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/06/09 16:57:12.0892 3572 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/06/09 16:57:12.0939 3572 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/06/09 16:57:12.0955 3572 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/06/09 16:57:12.0986 3572 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

2011/06/09 16:57:13.0017 3572 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

2011/06/09 16:57:13.0079 3572 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

2011/06/09 16:57:13.0173 3572 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

2011/06/09 16:57:13.0251 3572 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

2011/06/09 16:57:13.0298 3572 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

2011/06/09 16:57:13.0329 3572 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

2011/06/09 16:57:13.0391 3572 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys

2011/06/09 16:57:13.0438 3572 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

2011/06/09 16:57:13.0485 3572 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys

2011/06/09 16:57:13.0766 3572 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/06/09 16:57:14.0000 3572 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys

2011/06/09 16:57:14.0031 3572 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys

2011/06/09 16:57:14.0062 3572 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

2011/06/09 16:57:14.0109 3572 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/06/09 16:57:14.0156 3572 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

2011/06/09 16:57:14.0187 3572 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

2011/06/09 16:57:14.0218 3572 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

2011/06/09 16:57:14.0249 3572 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

2011/06/09 16:57:14.0281 3572 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

2011/06/09 16:57:14.0296 3572 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

2011/06/09 16:57:14.0327 3572 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

2011/06/09 16:57:14.0374 3572 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

2011/06/09 16:57:14.0499 3572 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

2011/06/09 16:57:14.0530 3572 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

2011/06/09 16:57:14.0577 3572 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

2011/06/09 16:57:14.0639 3572 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

2011/06/09 16:57:14.0686 3572 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

2011/06/09 16:57:14.0717 3572 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

2011/06/09 16:57:14.0733 3572 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

2011/06/09 16:57:14.0780 3572 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/06/09 16:57:14.0827 3572 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/06/09 16:57:14.0858 3572 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/06/09 16:57:14.0889 3572 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

2011/06/09 16:57:14.0920 3572 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

2011/06/09 16:57:14.0951 3572 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

2011/06/09 16:57:14.0967 3572 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/06/09 16:57:15.0014 3572 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

2011/06/09 16:57:15.0061 3572 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

2011/06/09 16:57:15.0076 3572 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

2011/06/09 16:57:15.0123 3572 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

2011/06/09 16:57:15.0154 3572 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

2011/06/09 16:57:15.0201 3572 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

2011/06/09 16:57:15.0248 3572 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

2011/06/09 16:57:15.0404 3572 SbieDrv (2b12749cc05f32d217735770d2eeabe3) C:\Program Files\Sandboxie\SbieDrv.sys

2011/06/09 16:57:15.0513 3572 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

2011/06/09 16:57:15.0607 3572 SCDEmu (16b1abe7f3e35f21dac57592b6c5d464) C:\Windows\system32\drivers\SCDEmu.sys

2011/06/09 16:57:15.0638 3572 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

2011/06/09 16:57:15.0685 3572 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/06/09 16:57:15.0731 3572 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

2011/06/09 16:57:15.0763 3572 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

2011/06/09 16:57:15.0794 3572 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

2011/06/09 16:57:15.0825 3572 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/06/09 16:57:15.0856 3572 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/06/09 16:57:15.0887 3572 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/06/09 16:57:15.0903 3572 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/06/09 16:57:15.0934 3572 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

2011/06/09 16:57:15.0981 3572 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2011/06/09 16:57:15.0997 3572 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

2011/06/09 16:57:16.0043 3572 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

2011/06/09 16:57:16.0090 3572 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

2011/06/09 16:57:16.0184 3572 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys

2011/06/09 16:57:16.0184 3572 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

2011/06/09 16:57:16.0184 3572 sptd - detected LockedFile.Multi.Generic (1)

2011/06/09 16:57:16.0246 3572 srv (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys

2011/06/09 16:57:16.0277 3572 srv2 (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys

2011/06/09 16:57:16.0309 3572 srvnet (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys

2011/06/09 16:57:16.0371 3572 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

2011/06/09 16:57:16.0433 3572 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

2011/06/09 16:57:16.0480 3572 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

2011/06/09 16:57:16.0511 3572 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

2011/06/09 16:57:16.0527 3572 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

2011/06/09 16:57:16.0605 3572 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys

2011/06/09 16:57:16.0683 3572 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys

2011/06/09 16:57:16.0792 3572 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys

2011/06/09 16:57:16.0839 3572 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

2011/06/09 16:57:16.0870 3572 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

2011/06/09 16:57:16.0901 3572 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

2011/06/09 16:57:16.0933 3572 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

2011/06/09 16:57:16.0948 3572 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

2011/06/09 16:57:17.0011 3572 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/06/09 16:57:17.0042 3572 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

2011/06/09 16:57:17.0073 3572 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

2011/06/09 16:57:17.0104 3572 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys

2011/06/09 16:57:17.0151 3572 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

2011/06/09 16:57:17.0182 3572 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

2011/06/09 16:57:17.0213 3572 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

2011/06/09 16:57:17.0291 3572 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys

2011/06/09 16:57:17.0338 3572 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/06/09 16:57:17.0369 3572 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

2011/06/09 16:57:17.0401 3572 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys

2011/06/09 16:57:17.0432 3572 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys

2011/06/09 16:57:17.0463 3572 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

2011/06/09 16:57:17.0510 3572 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

2011/06/09 16:57:17.0541 3572 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/06/09 16:57:17.0557 3572 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/06/09 16:57:17.0588 3572 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys

2011/06/09 16:57:17.0635 3572 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/06/09 16:57:17.0650 3572 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

2011/06/09 16:57:17.0697 3572 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys

2011/06/09 16:57:17.0728 3572 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys

2011/06/09 16:57:17.0759 3572 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

2011/06/09 16:57:17.0775 3572 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys

2011/06/09 16:57:17.0822 3572 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys

2011/06/09 16:57:17.0837 3572 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys

2011/06/09 16:57:17.0869 3572 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys

2011/06/09 16:57:17.0900 3572 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

2011/06/09 16:57:17.0947 3572 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys

2011/06/09 16:57:17.0993 3572 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

2011/06/09 16:57:18.0025 3572 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

2011/06/09 16:57:18.0071 3572 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

2011/06/09 16:57:18.0118 3572 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

2011/06/09 16:57:18.0165 3572 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

2011/06/09 16:57:18.0181 3572 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

2011/06/09 16:57:18.0243 3572 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

2011/06/09 16:57:18.0274 3572 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

2011/06/09 16:57:18.0352 3572 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/06/09 16:57:18.0383 3572 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

2011/06/09 16:57:18.0461 3572 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys

2011/06/09 16:57:18.0508 3572 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/06/09 16:57:18.0555 3572 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/06/09 16:57:18.0617 3572 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys

2011/06/09 16:57:18.0649 3572 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/06/09 16:57:18.0727 3572 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk0\DR0

2011/06/09 16:57:18.0742 3572 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

2011/06/09 16:57:18.0758 3572 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk2\DR2

2011/06/09 16:57:18.0773 3572 ================================================================================

2011/06/09 16:57:18.0773 3572 Scan finished

2011/06/09 16:57:18.0773 3572 ================================================================================

2011/06/09 16:57:18.0773 3516 Detected object count: 1

2011/06/09 16:57:18.0773 3516 Actual detected object count: 1

2011/06/09 16:57:34.0217 3516 LockedFile.Multi.Generic(sptd) - User select action: Skip

My computer seems to be running... normally if not slightly noticeably slower. Also despite using a popup blocker occasional pop ups are appearing which never happened prior to the infection.

Thank you

Link to post
Share on other sites

Please run a new MBAM scan being sure to check for updates before scanning and post the results.

Please don't attach the scans / logs for these tools, use "copy/paste".

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.