Can't run malwarebytes or any other scan

[Yuukimaru]

So this started today and I've been trying to find a solution with no luck, so I DLed DDS and got the logs and zipped them here. If anyone can help you'd be my hero. Thanks in advance!

dds.rar

[screen317]

Hi and welcome to Malwarebytes.

In the future, please post all logs directly into your reply instead of attaching them unless otherwise indicated.

• Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  
• Execute the file TDSSKiller.exe by double-clicking on it.
  
• Wait for the scan and disinfection process to be over.
  
• When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

-screen317

[Yuukimaru]

These are the 2 logs I recieved, posted as requested thanks again for the help.

01:12:57.0500 2588 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43

01:12:57.0882 2588 ============================================================

01:12:57.0882 2588 Current date / time: 2011/09/28 01:12:57.0882

01:12:57.0882 2588 SystemInfo:

01:12:57.0882 2588

01:12:57.0882 2588 OS Version: 6.0.6002 ServicePack: 2.0

01:12:57.0883 2588 Product type: Workstation

01:12:57.0883 2588 ComputerName: GILLIUM

01:12:57.0883 2588 UserName: Inuki

01:12:57.0883 2588 Windows directory: C:\Windows

01:12:57.0883 2588 System windows directory: C:\Windows

01:12:57.0883 2588 Processor architecture: Intel x86

01:12:57.0883 2588 Number of processors: 2

01:12:57.0883 2588 Page size: 0x1000

01:12:57.0883 2588 Boot type: Normal boot

01:12:57.0883 2588 ============================================================

01:12:59.0697 2588 Initialize success

01:13:01.0183 6356 ============================================================

01:13:01.0183 6356 Scan started

01:13:01.0183 6356 Mode: Manual;

01:13:01.0183 6356 ============================================================

01:13:03.0385 6356 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

01:13:03.0400 6356 ACPI - ok

01:13:03.0565 6356 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

01:13:03.0574 6356 adp94xx - ok

01:13:03.0649 6356 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

01:13:03.0656 6356 adpahci - ok

01:13:03.0714 6356 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

01:13:03.0719 6356 adpu160m - ok

01:13:03.0741 6356 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

01:13:03.0746 6356 adpu320 - ok

01:13:03.0921 6356 AFD (fbff315793b8bb09c5ba0ff5d1c5b0c7) C:\Windows\system32\drivers\afd.sys

01:13:03.0931 6356 AFD ( Rootkit.Win32.ZAccess.e ) - infected

01:13:03.0931 6356 AFD - detected Rootkit.Win32.ZAccess.e (0)

01:13:04.0016 6356 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

01:13:04.0020 6356 agp440 - ok

01:13:04.0040 6356 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

01:13:04.0044 6356 aic78xx - ok

01:13:04.0113 6356 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

01:13:04.0116 6356 aliide - ok

01:13:04.0148 6356 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

01:13:04.0151 6356 amdagp - ok

01:13:04.0169 6356 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

01:13:04.0172 6356 amdide - ok

01:13:04.0279 6356 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

01:13:04.0283 6356 AmdK7 - ok

01:13:04.0331 6356 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

01:13:04.0335 6356 AmdK8 - ok

01:13:04.0414 6356 androidusb (e94e2ea7faaa05c776a711edb198b9fd) C:\Windows\system32\Drivers\androidusb.sys

01:13:04.0455 6356 androidusb - ok

01:13:04.0561 6356 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

01:13:04.0576 6356 arc - ok

01:13:04.0624 6356 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

01:13:04.0645 6356 arcsas - ok

01:13:04.0709 6356 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

01:13:04.0720 6356 AsyncMac - ok

01:13:04.0767 6356 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

01:13:04.0768 6356 atapi - ok

01:13:05.0591 6356 atikmdag (18f4c1c503f1cdd39ad006aa54b79ea8) C:\Windows\system32\DRIVERS\atikmdag.sys

01:13:05.0708 6356 atikmdag - ok

01:13:05.0861 6356 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\system32\Drivers\avgldx86.sys

01:13:05.0881 6356 AvgLdx86 - ok

01:13:05.0954 6356 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\Windows\system32\Drivers\avgmfx86.sys

01:13:05.0957 6356 AvgMfx86 - ok

01:13:06.0049 6356 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\Windows\system32\Drivers\avgtdix.sys

01:13:06.0084 6356 AvgTdiX - ok

01:13:06.0202 6356 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

01:13:06.0221 6356 Beep - ok

01:13:06.0309 6356 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

01:13:06.0313 6356 blbdrive - ok

01:13:06.0554 6356 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

01:13:06.0585 6356 bowser - ok

01:13:06.0693 6356 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

01:13:06.0707 6356 BrFiltLo - ok

01:13:06.0751 6356 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

01:13:06.0754 6356 BrFiltUp - ok

01:13:06.0823 6356 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

01:13:06.0828 6356 Brserid - ok

01:13:06.0844 6356 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

01:13:06.0848 6356 BrSerWdm - ok

01:13:06.0871 6356 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

01:13:06.0875 6356 BrUsbMdm - ok

01:13:06.0895 6356 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

01:13:06.0898 6356 BrUsbSer - ok

01:13:07.0000 6356 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

01:13:07.0021 6356 BTHMODEM - ok

01:13:07.0109 6356 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

01:13:07.0113 6356 cdfs - ok

01:13:07.0191 6356 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

01:13:07.0196 6356 cdrom - ok

01:13:07.0239 6356 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

01:13:07.0243 6356 circlass - ok

01:13:07.0275 6356 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

01:13:07.0282 6356 CLFS - ok

01:13:07.0333 6356 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

01:13:07.0336 6356 cmdide - ok

01:13:07.0368 6356 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

01:13:07.0382 6356 Compbatt - ok

01:13:07.0411 6356 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

01:13:07.0414 6356 crcdisk - ok

01:13:07.0439 6356 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

01:13:07.0443 6356 Crusoe - ok

01:13:07.0516 6356 da1adca9 (57a75a1cdb14a4854dee1681f653a242) C:\Windows\2849774298:635773782.exe

01:13:07.0532 6356 Suspicious file (Hidden): C:\Windows\2849774298:635773782.exe. md5: 57a75a1cdb14a4854dee1681f653a242

01:13:07.0532 6356 da1adca9 ( HiddenFile.Multi.Generic ) - warning

01:13:07.0532 6356 da1adca9 - detected HiddenFile.Multi.Generic (1)

01:13:07.0618 6356 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

01:13:07.0651 6356 DfsC - ok

01:13:07.0802 6356 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

01:13:07.0821 6356 disk - ok

01:13:07.0906 6356 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

01:13:07.0911 6356 Dot4 - ok

01:13:08.0068 6356 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

01:13:08.0088 6356 Dot4Print - ok

01:13:08.0153 6356 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

01:13:08.0157 6356 dot4usb - ok

01:13:08.0272 6356 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

01:13:08.0285 6356 drmkaud - ok

01:13:08.0550 6356 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

01:13:08.0568 6356 DXGKrnl - ok

01:13:08.0724 6356 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

01:13:08.0749 6356 e1express - ok

01:13:08.0805 6356 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

01:13:08.0811 6356 E1G60 - ok

01:13:09.0198 6356 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

01:13:09.0207 6356 Ecache - ok

01:13:09.0299 6356 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

01:13:09.0307 6356 elxstor - ok

01:13:09.0370 6356 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

01:13:09.0373 6356 ErrDev - ok

01:13:09.0544 6356 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

01:13:09.0564 6356 exfat - ok

01:13:09.0698 6356 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

01:13:09.0703 6356 fastfat - ok

01:13:09.0752 6356 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

01:13:09.0770 6356 fdc - ok

01:13:09.0818 6356 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

01:13:09.0821 6356 FileInfo - ok

01:13:09.0840 6356 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

01:13:09.0843 6356 Filetrace - ok

01:13:09.0868 6356 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

01:13:09.0872 6356 flpydisk - ok

01:13:10.0062 6356 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

01:13:10.0090 6356 FltMgr - ok

01:13:10.0346 6356 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

01:13:10.0349 6356 Fs_Rec - ok

01:13:10.0497 6356 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

01:13:10.0501 6356 gagp30kx - ok

01:13:10.0772 6356 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

01:13:10.0780 6356 GEARAspiWDM - ok

01:13:10.0943 6356 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys

01:13:10.0952 6356 HdAudAddService - ok

01:13:11.0050 6356 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

01:13:11.0087 6356 HDAudBus - ok

01:13:11.0126 6356 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

01:13:11.0140 6356 HidBth - ok

01:13:11.0189 6356 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

01:13:11.0194 6356 HidIr - ok

01:13:11.0323 6356 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

01:13:11.0347 6356 HidUsb - ok

01:13:11.0403 6356 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

01:13:11.0407 6356 HpCISSs - ok

01:13:11.0538 6356 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

01:13:11.0580 6356 HTTP - ok

01:13:11.0662 6356 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

01:13:11.0666 6356 i2omp - ok

01:13:11.0882 6356 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

01:13:11.0912 6356 i8042prt - ok

01:13:12.0117 6356 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

01:13:12.0137 6356 iaStorV - ok

01:13:12.0281 6356 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

01:13:12.0289 6356 iirsp - ok

01:13:12.0374 6356 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

01:13:12.0400 6356 intelide - ok

01:13:12.0513 6356 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

01:13:12.0539 6356 intelppm - ok

01:13:12.0620 6356 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

01:13:12.0624 6356 IpFilterDriver - ok

01:13:12.0668 6356 IpInIp - ok

01:13:12.0710 6356 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

01:13:12.0715 6356 IPMIDRV - ok

01:13:12.0763 6356 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

01:13:12.0767 6356 IPNAT - ok

01:13:12.0968 6356 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

01:13:12.0992 6356 IRENUM - ok

01:13:13.0047 6356 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

01:13:13.0064 6356 isapnp - ok

01:13:13.0112 6356 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

01:13:13.0117 6356 iScsiPrt - ok

01:13:13.0148 6356 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

01:13:13.0151 6356 iteatapi - ok

01:13:13.0194 6356 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

01:13:13.0197 6356 iteraid - ok

01:13:13.0225 6356 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

01:13:13.0229 6356 kbdclass - ok

01:13:13.0307 6356 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

01:13:13.0338 6356 kbdhid - ok

01:13:13.0416 6356 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

01:13:13.0428 6356 KSecDD - ok

01:13:13.0507 6356 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

01:13:13.0511 6356 lltdio - ok

01:13:13.0581 6356 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

01:13:13.0587 6356 LSI_FC - ok

01:13:13.0639 6356 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

01:13:13.0657 6356 LSI_SAS - ok

01:13:13.0706 6356 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

01:13:13.0711 6356 LSI_SCSI - ok

01:13:13.0798 6356 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

01:13:13.0821 6356 luafv - ok

01:13:13.0875 6356 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

01:13:13.0878 6356 megasas - ok

01:13:14.0021 6356 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

01:13:14.0030 6356 MegaSR - ok

01:13:14.0082 6356 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

01:13:14.0086 6356 Modem - ok

01:13:14.0133 6356 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

01:13:14.0137 6356 monitor - ok

01:13:14.0165 6356 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

01:13:14.0168 6356 mouclass - ok

01:13:14.0210 6356 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

01:13:14.0213 6356 mouhid - ok

01:13:14.0243 6356 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

01:13:14.0246 6356 MountMgr - ok

01:13:14.0307 6356 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

01:13:14.0311 6356 mpio - ok

01:13:14.0339 6356 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

01:13:14.0343 6356 mpsdrv - ok

01:13:14.0390 6356 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

01:13:14.0393 6356 Mraid35x - ok

01:13:14.0414 6356 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

01:13:14.0433 6356 MRxDAV - ok

01:13:14.0498 6356 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

01:13:14.0521 6356 mrxsmb - ok

01:13:14.0640 6356 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

01:13:14.0666 6356 mrxsmb10 - ok

01:13:14.0755 6356 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

01:13:14.0761 6356 mrxsmb20 - ok

01:13:14.0788 6356 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

01:13:14.0790 6356 msahci - ok

01:13:14.0812 6356 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

01:13:14.0815 6356 msdsm - ok

01:13:14.0891 6356 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

01:13:14.0895 6356 Msfs - ok

01:13:14.0913 6356 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

01:13:14.0916 6356 msisadrv - ok

01:13:14.0980 6356 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

01:13:14.0982 6356 MSKSSRV - ok

01:13:15.0017 6356 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

01:13:15.0029 6356 MSPCLOCK - ok

01:13:15.0082 6356 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

01:13:15.0085 6356 MSPQM - ok

01:13:15.0132 6356 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

01:13:15.0137 6356 MsRPC - ok

01:13:15.0170 6356 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

01:13:15.0173 6356 mssmbios - ok

01:13:15.0247 6356 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

01:13:15.0250 6356 MSTEE - ok

01:13:15.0318 6356 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

01:13:15.0322 6356 Mup - ok

01:13:15.0417 6356 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

01:13:15.0424 6356 NativeWifiP - ok

01:13:15.0539 6356 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

01:13:15.0549 6356 NDIS - ok

01:13:15.0573 6356 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

01:13:15.0577 6356 NdisTapi - ok

01:13:15.0600 6356 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

01:13:15.0603 6356 Ndisuio - ok

01:13:15.0666 6356 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

01:13:15.0677 6356 NdisWan - ok

01:13:15.0777 6356 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

01:13:15.0800 6356 NDProxy - ok

01:13:15.0892 6356 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

01:13:15.0895 6356 NetBIOS - ok

01:13:15.0962 6356 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

01:13:15.0968 6356 netbt - ok

01:13:16.0052 6356 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

01:13:16.0078 6356 nfrd960 - ok

01:13:16.0226 6356 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

01:13:16.0288 6356 Npfs - ok

01:13:16.0322 6356 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

01:13:16.0325 6356 nsiproxy - ok

01:13:16.0496 6356 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

01:13:16.0538 6356 Ntfs - ok

01:13:16.0630 6356 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

01:13:16.0634 6356 ntrigdigi - ok

01:13:16.0673 6356 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

01:13:16.0676 6356 Null - ok

01:13:16.0997 6356 nvlddmkm (a85091649861ae1a0c900105ea068a0d) C:\Windows\system32\DRIVERS\nvlddmkm.sys

01:13:17.0230 6356 nvlddmkm - ok

01:13:17.0312 6356 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

01:13:17.0316 6356 nvraid - ok

01:13:17.0360 6356 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

01:13:17.0364 6356 nvstor - ok

01:13:17.0422 6356 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

01:13:17.0427 6356 nv_agp - ok

01:13:17.0451 6356 NwlnkFlt - ok

01:13:17.0480 6356 NwlnkFwd - ok

01:13:17.0562 6356 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

01:13:17.0567 6356 ohci1394 - ok

01:13:17.0643 6356 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

01:13:17.0648 6356 Parport - ok

01:13:17.0685 6356 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

01:13:17.0689 6356 partmgr - ok

01:13:17.0715 6356 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

01:13:17.0720 6356 Parvdm - ok

01:13:17.0820 6356 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

01:13:17.0825 6356 pci - ok

01:13:17.0857 6356 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

01:13:17.0860 6356 pciide - ok

01:13:17.0919 6356 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

01:13:17.0924 6356 pcmcia - ok

01:13:17.0987 6356 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

01:13:18.0020 6356 PEAUTH - ok

01:13:18.0142 6356 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

01:13:18.0146 6356 PptpMiniport - ok

01:13:18.0176 6356 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

01:13:18.0180 6356 Processor - ok

01:13:18.0299 6356 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

01:13:18.0303 6356 PSched - ok

01:13:18.0387 6356 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

01:13:18.0420 6356 ql2300 - ok

01:13:18.0476 6356 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

01:13:18.0481 6356 ql40xx - ok

01:13:18.0530 6356 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

01:13:18.0546 6356 QWAVEdrv - ok

01:13:18.0583 6356 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

01:13:18.0586 6356 RasAcd - ok

01:13:18.0624 6356 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

01:13:18.0629 6356 Rasl2tp - ok

01:13:18.0679 6356 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

01:13:18.0682 6356 RasPppoe - ok

01:13:18.0724 6356 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

01:13:18.0728 6356 RasSstp - ok

01:13:18.0787 6356 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

01:13:18.0792 6356 rdbss - ok

01:13:18.0822 6356 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

01:13:18.0824 6356 RDPCDD - ok

01:13:18.0848 6356 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

01:13:18.0855 6356 rdpdr - ok

01:13:18.0883 6356 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

01:13:18.0886 6356 RDPENCDD - ok

01:13:18.0947 6356 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

01:13:18.0964 6356 RDPWD - ok

01:13:19.0016 6356 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

01:13:19.0019 6356 rspndr - ok

01:13:19.0048 6356 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

01:13:19.0051 6356 sbp2port - ok

01:13:19.0118 6356 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

01:13:19.0121 6356 secdrv - ok

01:13:19.0157 6356 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

01:13:19.0160 6356 Serenum - ok

01:13:19.0193 6356 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

01:13:19.0196 6356 Serial - ok

01:13:19.0234 6356 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

01:13:19.0237 6356 sermouse - ok

01:13:19.0286 6356 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

01:13:19.0289 6356 sffdisk - ok

01:13:19.0323 6356 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

01:13:19.0326 6356 sffp_mmc - ok

01:13:19.0357 6356 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

01:13:19.0360 6356 sffp_sd - ok

01:13:19.0382 6356 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

01:13:19.0386 6356 sfloppy - ok

01:13:19.0469 6356 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

01:13:19.0473 6356 sisagp - ok

01:13:19.0516 6356 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

01:13:19.0519 6356 SiSRaid2 - ok

01:13:19.0542 6356 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

01:13:19.0547 6356 SiSRaid4 - ok

01:13:19.0671 6356 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

01:13:19.0676 6356 Smb - ok

01:13:19.0730 6356 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

01:13:19.0733 6356 spldr - ok

01:13:19.0830 6356 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys

01:13:19.0830 6356 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

01:13:19.0833 6356 sptd ( LockedFile.Multi.Generic ) - warning

01:13:19.0833 6356 sptd - detected LockedFile.Multi.Generic (1)

01:13:20.0050 6356 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

01:13:20.0115 6356 srv - ok

01:13:20.0290 6356 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

01:13:20.0309 6356 srv2 - ok

01:13:20.0496 6356 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

01:13:20.0524 6356 srvnet - ok

01:13:20.0839 6356 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

01:13:20.0865 6356 swenum - ok

01:13:21.0185 6356 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

01:13:21.0212 6356 Symc8xx - ok

01:13:21.0295 6356 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

01:13:21.0298 6356 Sym_hi - ok

01:13:21.0322 6356 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

01:13:21.0325 6356 Sym_u3 - ok

01:13:21.0873 6356 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys

01:13:21.0949 6356 Tcpip - ok

01:13:22.0548 6356 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys

01:13:22.0558 6356 Tcpip6 - ok

01:13:23.0090 6356 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

01:13:23.0138 6356 tcpipreg - ok

01:13:23.0555 6356 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

01:13:23.0558 6356 TDPIPE - ok

01:13:23.0588 6356 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

01:13:23.0606 6356 TDTCP - ok

01:13:24.0132 6356 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

01:13:24.0155 6356 tdx - ok

01:13:24.0257 6356 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

01:13:24.0283 6356 TermDD - ok

01:13:24.0341 6356 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

01:13:24.0360 6356 tssecsrv - ok

01:13:24.0395 6356 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

01:13:24.0398 6356 tunmp - ok

01:13:24.0431 6356 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

01:13:24.0436 6356 tunnel - ok

01:13:24.0473 6356 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

01:13:24.0476 6356 uagp35 - ok

01:13:24.0524 6356 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

01:13:24.0532 6356 udfs - ok

01:13:24.0624 6356 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

01:13:24.0647 6356 uliagpkx - ok

01:13:24.0900 6356 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

01:13:24.0944 6356 uliahci - ok

01:13:25.0013 6356 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

01:13:25.0018 6356 UlSata - ok

01:13:25.0040 6356 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

01:13:25.0045 6356 ulsata2 - ok

01:13:25.0245 6356 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

01:13:25.0278 6356 umbus - ok

01:13:25.0403 6356 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys

01:13:25.0437 6356 USBAAPL - ok

01:13:25.0539 6356 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys

01:13:25.0543 6356 usbbus - ok

01:13:25.0575 6356 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

01:13:25.0597 6356 usbccgp - ok

01:13:25.0646 6356 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

01:13:25.0651 6356 usbcir - ok

01:13:25.0942 6356 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys

01:13:25.0966 6356 UsbDiag - ok

01:13:26.0141 6356 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

01:13:26.0174 6356 usbehci - ok

01:13:26.0302 6356 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

01:13:26.0313 6356 usbhub - ok

01:13:26.0543 6356 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys

01:13:26.0546 6356 USBModem - ok

01:13:27.0037 6356 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

01:13:27.0066 6356 usbohci - ok

01:13:27.0269 6356 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

01:13:27.0293 6356 usbprint - ok

01:13:27.0637 6356 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

01:13:27.0640 6356 usbscan - ok

01:13:28.0164 6356 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

01:13:28.0165 6356 USBSTOR - ok

01:13:28.0594 6356 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

01:13:28.0597 6356 usbuhci - ok

01:13:28.0843 6356 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

01:13:28.0864 6356 vga - ok

01:13:28.0948 6356 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

01:13:28.0957 6356 VgaSave - ok

01:13:29.0008 6356 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

01:13:29.0020 6356 viaagp - ok

01:13:29.0063 6356 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

01:13:29.0067 6356 ViaC7 - ok

01:13:29.0122 6356 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

01:13:29.0125 6356 viaide - ok

01:13:29.0145 6356 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

01:13:29.0149 6356 volmgr - ok

01:13:29.0273 6356 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

01:13:29.0292 6356 volmgrx - ok

01:13:29.0404 6356 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

01:13:29.0462 6356 volsnap - ok

01:13:29.0535 6356 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

01:13:29.0540 6356 vsmraid - ok

01:13:29.0618 6356 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys

01:13:29.0640 6356 wacommousefilter - ok

01:13:29.0665 6356 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

01:13:29.0681 6356 WacomPen - ok

01:13:29.0709 6356 wacomvhid (a45bc72e1bbf4286a58ef9b894871394) C:\Windows\system32\DRIVERS\wacomvhid.sys

01:13:29.0712 6356 wacomvhid - ok

01:13:29.0727 6356 WacomVKHid (889459833432b161cb99cfdf84a1a9bb) C:\Windows\system32\DRIVERS\WacomVKHid.sys

01:13:29.0730 6356 WacomVKHid - ok

01:13:29.0834 6356 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

01:13:29.0862 6356 Wanarp - ok

01:13:29.0888 6356 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

01:13:29.0890 6356 Wanarpv6 - ok

01:13:30.0134 6356 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

01:13:30.0182 6356 Wd - ok

01:13:30.0259 6356 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

01:13:30.0317 6356 Wdf01000 - ok

01:13:30.0650 6356 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

01:13:30.0686 6356 WmiAcpi - ok

01:13:30.0914 6356 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

01:13:30.0932 6356 WpdUsb - ok

01:13:31.0148 6356 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

01:13:31.0152 6356 ws2ifsl - ok

01:13:31.0432 6356 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

01:13:31.0439 6356 WUDFRd - ok

01:13:31.0470 6356 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

01:13:31.0486 6356 \Device\Harddisk0\DR0 - ok

01:13:31.0568 6356 MBR (0x1B8) (dd5d77e69c4f2c2edc48939ce05e13f4) \Device\Harddisk1\DR1

01:13:41.0426 6356 \Device\Harddisk1\DR1 - ok

01:13:41.0445 6356 Boot (0x1200) (e4d797dd258874f4303f8dc21e03d296) \Device\Harddisk0\DR0\Partition0

01:13:41.0472 6356 \Device\Harddisk0\DR0\Partition0 - ok

01:13:41.0497 6356 Boot (0x1200) (4a223fc6a1f5142c7a97ce0eb8ee2e5b) \Device\Harddisk0\DR0\Partition1

01:13:41.0517 6356 \Device\Harddisk0\DR0\Partition1 - ok

01:13:41.0517 6356 ============================================================

01:13:41.0517 6356 Scan finished

01:13:41.0517 6356 ============================================================

01:13:41.0537 3512 Detected object count: 3

01:13:41.0537 3512 Actual detected object count: 3

01:14:00.0417 3512 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\afd.sys) error 1813

01:14:06.0629 3512 Backup copy not found, trying to cure infected file..

01:14:06.0670 3512 Cure success, using it..

01:14:06.0679 3512 C:\Windows\system32\drivers\afd.sys - will be cured on reboot

01:14:06.0679 3512 AFD ( Rootkit.Win32.ZAccess.e ) - User select action: Cure

01:14:06.0680 3512 HKLM\SYSTEM\ControlSet001\services\da1adca9 - will be deleted on reboot

01:14:06.0754 3512 HKLM\SYSTEM\ControlSet002\services\da1adca9 - will be deleted on reboot

01:14:06.0772 3512 C:\Windows\2849774298:635773782.exe - will be deleted on reboot

01:14:06.0772 3512 da1adca9 ( HiddenFile.Multi.Generic ) - User select action: Delete

01:14:06.0776 3512 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot

01:14:06.0778 3512 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot

01:14:06.0780 3512 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot

01:14:06.0780 3512 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

01:14:11.0392 6408 Deinitialize success

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26

Run by Inuki at 1:17:00 on 2011-09-28

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1666 [GMT -4:00]

.

AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Windows\system32\lsm.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\svchost.exe -k Akamai

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\Pen_Tablet.exe

C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WTablet\Pen_TabletUser.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: H - No File

mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - No File

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll

BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

LSP: mswsock.dll

Trusted Zone: square-enix.com\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A3EFFB71-BA93-409B-8694-F64E92AEF09C} : DhcpNameServer = 192.168.1.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: avgrsstx.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\inuki\appdata\roaming\mozilla\firefox\profiles\teuytkrf.default\

FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)

FF - prefs.js: browser.startup.homepage - Google.com

FF - component: c:\users\inuki\appdata\roaming\mozilla\firefox\profiles\teuytkrf.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

FF - component: c:\users\inuki\appdata\roaming\mozilla\firefox\profiles\teuytkrf.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll

FF - component: c:\users\inuki\appdata\roaming\mozilla\firefox\profiles\teuytkrf.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\users\inuki\appdata\roaming\facebook\npfbplugin_1_0_3.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-7-11 216400]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-7-11 29712]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-7-11 243152]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-4-29 176128]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-11 921952]

R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-11 308136]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-9-10 369256]

R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-2-11 3032360]

R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2009-9-4 25728]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2074-05-18 22:44:52 607296 ----a-w- c:\program files\microsoft games\age of empires iii\deformerdllyD.dll

2011-09-26 01:58:50 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-09-26 01:58:24 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-26 01:26:31 -------- d-----w- c:\users\inuki\appdata\roaming\f-secure

2011-09-25 22:18:55 -------- d-----w- c:\programdata\F-Secure

2011-09-25 21:51:44 -------- d-----w- c:\users\inuki\Malwarebytes' Anti-Malware

2011-09-24 02:09:18 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-09-23 01:48:37 -------- d-----w- c:\users\inuki\appdata\local\Microsoft Games

2011-09-07 01:40:51 -------- d-----w- c:\program files\StartNow Toolbar

2011-09-04 13:45:15 -------- d-----w- c:\windows\system32\xlive

2011-09-01 15:05:46 51472 ----a-w- c:\program files\microsoft games\age of empires online\rmdll\final\RandomMap.dll

2011-09-01 15:05:46 13584 ----a-w- c:\program files\microsoft games\age of empires online\rmdll\final\RandomMapBinder.dll

2011-09-01 15:05:45 19216 ----a-w- c:\program files\microsoft games\age of empires online\rmdll\final\CLRBinder.dll

2011-09-01 14:49:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-01 14:42:45 81998 ----a-w- c:\program files\microsoft games\age of empires online\RockallDLL.dll

2011-09-01 14:42:44 746496 ----a-w- c:\program files\microsoft games\age of empires online\granny2.dll

2011-09-01 14:42:41 139536 ----a-w- c:\program files\microsoft games\age of empires online\eulax.dll

2011-09-01 14:42:38 173408 ----a-w- c:\program files\microsoft games\age of empires online\pw32b.dll

2011-09-01 14:37:43 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE

2011-08-29 18:31:14 -------- d-----w- c:\users\inuki\appdata\roaming\Malwarebytes

2011-08-29 18:31:09 -------- d-----w- c:\programdata\Malwarebytes

2011-08-29 18:31:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-09-28 05:15:44 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-09-08 16:03:35 1682 --sha-w- c:\programdata\KGyGaAvL.sys

2011-07-22 13:54:40 1383424 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-18 00:32:49 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

============= FINISH: 1:19:43.79 ===============

[screen317]

Hi,

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

• When the tool is finished, it will produce a report for you.
  
• Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

[Yuukimaru]

Combofix won't seem to run properly, I've disabled everything its asked me to and it just gets caught scanning for hours with no response then crashes out. =/

[Yuukimaru]

ok I noticed a program called "Catchme.3exe" appearing

[screen317]

Hi,

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet. Before you download it, rename it to sega.com

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Click Start --> Run, and enter this command exactly as shown:

"%userprofile%\desktop\sega.com" /killall /nombr

See if it will run successfully now. Stop it after half an hour of no activity.

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!