Google redirect/Malwarebytes gets terminated during scan


psa188

Good evening:

I have this Google redirect/Malwarebytes gets terminated problem that everyone seems to be referring to. I tried doing the various steps here:

http://forums.malwarebytes.org/index.php?showtopic=85715

but to no avail.

I ran HijackThis and got the following log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:35:49 AM, on 9/25/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17099)

Boot mode: Safe mode

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\WINDOWS\Explorer.EXE

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

G:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2384137

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=25040

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: compliance0615 Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb2.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O2 - BHO: compliance0615 Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb2.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110924170404.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: compliance0615 Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIOb2.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll

O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe

O23 - Service: InCD File System Service (InCDsrv) - Unknown owner - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

O23 - Service: PanelSvc - Unknown owner - C:\Program Files\SurfBoard\PanelApp\PanelSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 8489 bytes

Can you provide assistance?

Thanks in advance.


  • Staff

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility writes a runtime log to the root directory of the system disk (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

-screen317
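
A TDSSKiller log of the kind requested above is mostly "- ok" lines, so the entries that matter are easy to miss. The following is an added example, not part of the original posts and not code from the tool's vendor: a small Python triage script that keeps only the non-ok verdicts and the "Suspicious file" lines that precede them. The function name triage, the result layout and the sample log (service names, hashes and verdict names are constructed placeholders) are assumptions; the line layout follows the log posted in this thread.

```python
import re

# Constructed sample in the layout of a TDSSKiller log; every name, hash and
# verdict below is a placeholder, not a value from a real scan.
SAMPLE_LOG = r"""
12:00:00.0000 0a10 TDSS rootkit removing tool (constructed sample)
12:00:00.0000 0a10
12:00:01.0000 0b20 Scan started
12:00:02.0000 0b20 deadbeef (11111111111111111111111111111111) C:\WINDOWS\0000000000:0000000000.exe
12:00:02.0010 0b20 Suspicious file (Hidden): C:\WINDOWS\0000000000:0000000000.exe. md5: 11111111111111111111111111111111
12:00:02.0010 0b20 deadbeef ( Example.Hidden.Generic ) - warning
12:00:02.0010 0b20 deadbeef - detected Example.Hidden.Generic (1)
12:00:03.0000 0b20 ExampleA - ok
12:00:04.0000 0b20 ExampleB (22222222222222222222222222222222) C:\WINDOWS\system32\DRIVERS\exampleb.sys
12:00:04.0000 0b20 ExampleB - ok
12:00:05.0000 0b20 ExampleC (33333333333333333333333333333333) C:\WINDOWS\system32\DRIVERS\examplec.sys
12:00:05.0000 0b20 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\examplec.sys. Real md5: 33333333333333333333333333333333, Fake md5: 44444444444444444444444444444444
12:00:05.0000 0b20 ExampleC ( Example.Rootkit.Name ) - infected
12:00:05.0000 0b20 ExampleC - detected Example.Rootkit.Name (0)
"""

# "<time> <thread id> <message>"; the message may be absent on spacer lines.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\S+(?:\s+(?P<msg>.*))?$")
# "<service> (<md5>) <path>": the object about to be judged.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "Suspicious file (<kind>): <path>. md5: ..." or "... Real md5: ..., Fake md5: ..."
SUSPICIOUS = re.compile(
    r"^Suspicious file \((?P<kind>\w+)\): (?P<path>.+?)\. (?P<rest>(?:Real )?md5: .+)$"
)
# "<service> ( <verdict> ) - <status>", e.g. status "warning" or "infected".
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<status>\w+)$")
OK = re.compile(r"^(?P<name>.+?) - ok$")
MD5 = re.compile(r"(?:(Real|Fake) )?md5: ([0-9a-f]{32})")


def triage(log_text):
    """Return {'ok': count of clean entries, 'findings': list of non-ok entries}."""
    objects = {}      # service name -> {"md5": ..., "path": ...}
    pending = None    # last "Suspicious file" line, attached to the next verdict
    ok_count = 0
    findings = []

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or not m.group("msg"):
            continue  # blank lines, spacer lines, anything without a timestamp
        msg = m.group("msg").strip()

        s = SUSPICIOUS.match(msg)
        if s:
            # Hashes are keyed by their label; a single unlabelled hash uses "md5".
            hashes = {label or "md5": h for label, h in MD5.findall(s.group("rest"))}
            pending = {"kind": s.group("kind"), "path": s.group("path"), "hashes": hashes}
            continue

        o = OBJECT.match(msg)
        if o:
            objects[o.group("name")] = {"md5": o.group("md5"), "path": o.group("path")}
            continue

        v = VERDICT.match(msg)
        if v:
            obj = objects.get(v.group("name"), {})
            findings.append({
                "name": v.group("name"),
                "status": v.group("status"),
                "verdict": v.group("verdict"),
                "path": obj.get("path") or (pending or {}).get("path"),
                "md5": obj.get("md5"),
                "anomaly": pending["kind"] if pending else None,
                "hashes": pending["hashes"] if pending else {},
            })
            pending = None
            continue

        if OK.match(msg):
            ok_count += 1
            pending = None
        # "- detected ..." lines repeat the verdict line and are skipped.

    return {"ok": ok_count, "findings": findings}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['ok']} entries ok, {len(result['findings'])} flagged")
    for f in result["findings"]:
        print(f"[{f['status']}] {f['name']}: {f['verdict']} ({f['anomaly']}) {f['path']}")
        for label, digest in f["hashes"].items():
            print(f"    {label}: {digest}")
```

To use it on a real log, read the file named in the pattern above and pass its text to triage(); lines that do not match any known layout are ignored rather than guessed at.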

Thanks.

The TDSSKiller log is here:

19:34:27.0906 1400 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43

19:34:29.0921 1400 ============================================================

19:34:29.0921 1400 Current date / time: 2011/09/28 19:34:29.0921

19:34:29.0921 1400 SystemInfo:

19:34:29.0921 1400

19:34:29.0921 1400 OS Version: 5.1.2600 ServicePack: 3.0

19:34:29.0921 1400 Product type: Workstation

19:34:29.0921 1400 ComputerName: LAPTOP

19:34:29.0921 1400 UserName: Thanh 'Vivien'

19:34:29.0921 1400 Windows directory: C:\WINDOWS

19:34:29.0921 1400 System windows directory: C:\WINDOWS

19:34:29.0921 1400 Processor architecture: Intel x86

19:34:29.0921 1400 Number of processors: 1

19:34:29.0921 1400 Page size: 0x1000

19:34:29.0921 1400 Boot type: Safe boot with network

19:34:29.0921 1400 ============================================================

19:34:31.0750 1400 Initialize success

19:34:37.0671 0184 ============================================================

19:34:37.0671 0184 Scan started

19:34:37.0671 0184 Mode: Manual;

19:34:37.0671 0184 ============================================================

19:34:39.0234 0184 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\WINDOWS\3203397148:3809022017.exe

19:34:39.0265 0184 Suspicious file (Hidden): C:\WINDOWS\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b

19:34:39.0265 0184 1cf6efbe ( HiddenFile.Multi.Generic ) - warning

19:34:39.0265 0184 1cf6efbe - detected HiddenFile.Multi.Generic (1)

19:34:39.0453 0184 Abiosdsk - ok

19:34:39.0515 0184 abp480n5 - ok

19:34:39.0640 0184 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:34:39.0640 0184 ACPI - ok

19:34:39.0718 0184 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

19:34:39.0718 0184 ACPIEC - ok

19:34:39.0796 0184 adpu160m - ok

19:34:39.0921 0184 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

19:34:39.0921 0184 aec - ok

19:34:40.0078 0184 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys

19:34:40.0093 0184 AFD - ok

19:34:40.0156 0184 Aha154x - ok

19:34:40.0218 0184 aic78u2 - ok

19:34:40.0281 0184 aic78xx - ok

19:34:40.0390 0184 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

19:34:40.0406 0184 AliIde - ok

19:34:40.0515 0184 amsint - ok

19:34:40.0625 0184 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:34:40.0640 0184 Arp1394 - ok

19:34:40.0765 0184 asc - ok

19:34:40.0828 0184 asc3350p - ok

19:34:40.0890 0184 asc3550 - ok

19:34:41.0000 0184 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:34:41.0000 0184 AsyncMac - ok

19:34:41.0093 0184 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

19:34:41.0093 0184 atapi - ok

19:34:41.0187 0184 Atdisk - ok

19:34:41.0281 0184 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:34:41.0281 0184 Atmarpc - ok

19:34:41.0546 0184 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

19:34:41.0546 0184 audstub - ok

19:34:41.0656 0184 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

19:34:41.0656 0184 Beep - ok

19:34:41.0765 0184 CAMCAUD (9ea1e669afbaab94e673cf68b37d1260) C:\WINDOWS\system32\drivers\camcaud.sys

19:34:41.0781 0184 CAMCAUD - ok

19:34:41.0921 0184 CAMCHALA (c05f17ee176399a49ef1fe74f02f7e93) C:\WINDOWS\system32\drivers\camchal.sys

19:34:41.0937 0184 CAMCHALA - ok

19:34:42.0031 0184 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

19:34:42.0031 0184 cbidf2k - ok

19:34:42.0171 0184 cd20xrnt - ok

19:34:42.0281 0184 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

19:34:42.0281 0184 Cdaudio - ok

19:34:42.0390 0184 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

19:34:42.0406 0184 Cdfs - ok

19:34:42.0515 0184 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:34:42.0515 0184 Cdrom - ok

19:34:42.0609 0184 cfwids (7fd604cd7a7a0ff8975af61bdf64c577) C:\WINDOWS\system32\drivers\cfwids.sys

19:34:42.0609 0184 cfwids - ok

19:34:42.0671 0184 Changer - ok

19:34:42.0843 0184 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

19:34:42.0843 0184 CmBatt - ok

19:34:42.0890 0184 CmdIde - ok

19:34:43.0000 0184 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

19:34:43.0000 0184 Compbatt - ok

19:34:43.0125 0184 Cpqarray - ok

19:34:43.0187 0184 dac2w2k - ok

19:34:43.0250 0184 dac960nt - ok

19:34:43.0328 0184 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

19:34:43.0328 0184 Disk - ok

19:34:43.0578 0184 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

19:34:43.0593 0184 dmboot - ok

19:34:43.0703 0184 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

19:34:43.0703 0184 dmio - ok

19:34:43.0843 0184 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

19:34:43.0843 0184 dmload - ok

19:34:43.0921 0184 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

19:34:43.0921 0184 DMusic - ok

19:34:44.0000 0184 dpti2o - ok

19:34:44.0093 0184 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

19:34:44.0109 0184 drmkaud - ok

19:34:44.0250 0184 eabfiltr (81b7808d3b5892388f33273119c2dc31) C:\WINDOWS\system32\drivers\EABFiltr.sys

19:34:44.0250 0184 eabfiltr - ok

19:34:44.0328 0184 eabusb (1ba14da377b66278335d4b9e8824cd42) C:\WINDOWS\system32\drivers\eabusb.sys

19:34:44.0328 0184 eabusb - ok

19:34:44.0578 0184 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

19:34:44.0578 0184 Fastfat - ok

19:34:44.0656 0184 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

19:34:44.0656 0184 Fdc - ok

19:34:44.0859 0184 FileMonitor (c21fc36d3cd28c2726fee10d397216c7) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys

19:34:44.0859 0184 FileMonitor - ok

19:34:44.0984 0184 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

19:34:44.0984 0184 Fips - ok

19:34:45.0046 0184 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:34:45.0046 0184 Flpydisk - ok

19:34:45.0140 0184 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

19:34:45.0140 0184 FltMgr - ok

19:34:45.0281 0184 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:34:45.0281 0184 Fs_Rec - ok

19:34:45.0375 0184 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:34:45.0375 0184 Ftdisk - ok

19:34:45.0484 0184 ggflt (4b5fddbcb9407741f47818b8d1ee4a8e) C:\WINDOWS\system32\DRIVERS\ggflt.sys

19:34:45.0500 0184 ggflt - ok

19:34:45.0640 0184 ggsemc (80bbcc9724b24a708ca9489c1e0a1e5f) C:\WINDOWS\system32\DRIVERS\ggsemc.sys

19:34:45.0656 0184 ggsemc - ok

19:34:45.0781 0184 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:34:45.0781 0184 Gpc - ok

19:34:45.0890 0184 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:34:45.0890 0184 HidUsb - ok

19:34:46.0000 0184 hpn - ok

19:34:46.0125 0184 HSFHWICH (eecf0c3b62040f26c62b6579794c702e) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

19:34:46.0125 0184 HSFHWICH - ok

19:34:46.0234 0184 HSF_DP (4683b5d9566b8653d4580c407c8d0fbc) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

19:34:46.0265 0184 HSF_DP - ok

19:34:46.0421 0184 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

19:34:46.0437 0184 HTTP - ok

19:34:46.0500 0184 i2omgmt - ok

19:34:46.0593 0184 i2omp - ok

19:34:46.0687 0184 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:34:46.0687 0184 i8042prt - ok

19:34:46.0828 0184 ialm (7b46903f26a729e68dd73ff7955dfc83) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

19:34:46.0843 0184 ialm - ok

19:34:46.0921 0184 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

19:34:46.0921 0184 Imapi - ok

19:34:47.0078 0184 InCDfs (77200902562a3ffd1812c2255bbb251a) C:\WINDOWS\system32\drivers\InCDfs.sys

19:34:47.0093 0184 InCDfs - ok

19:34:47.0140 0184 InCDPass (38f80b8d8c49a0807c77b6a5e08d7875) C:\WINDOWS\system32\DRIVERS\InCDPass.sys

19:34:47.0140 0184 InCDPass - ok

19:34:47.0234 0184 InCDrec (4b313bc2ba09c551b0fb795a16688e50) C:\WINDOWS\system32\drivers\InCDrec.sys

19:34:47.0234 0184 InCDrec - ok

19:34:47.0296 0184 incdrm (49bccead3ef74fb85e150638e5966992) C:\WINDOWS\system32\drivers\incdrm.sys

19:34:47.0296 0184 incdrm - ok

19:34:47.0406 0184 ini910u - ok

19:34:47.0531 0184 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

19:34:47.0531 0184 IntelIde - ok

19:34:47.0593 0184 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:34:47.0593 0184 intelppm - ok

19:34:47.0718 0184 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

19:34:47.0718 0184 Ip6Fw - ok

19:34:47.0828 0184 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:34:47.0828 0184 IpFilterDriver - ok

19:34:47.0937 0184 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:34:47.0937 0184 IpInIp - ok

19:34:48.0046 0184 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:34:48.0062 0184 IpNat - ok

19:34:48.0156 0184 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:34:48.0156 0184 IPSec - ok

19:34:48.0265 0184 IPVNMon (f60af0f89204a9177d110e3b2bd9fa0b) C:\WINDOWS\system32\drivers\IPVNMon.sys

19:34:48.0265 0184 IPVNMon - ok

19:34:48.0390 0184 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

19:34:48.0390 0184 IRENUM - ok

19:34:48.0484 0184 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:34:48.0500 0184 isapnp - ok

19:34:48.0640 0184 Iviaspi (cd8abfff1387e0f42cf6c6d7cdc19f0d) C:\WINDOWS\system32\drivers\iviaspi.sys

19:34:48.0640 0184 Iviaspi - ok

19:34:48.0734 0184 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:34:48.0734 0184 Kbdclass - ok

19:34:48.0796 0184 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:34:48.0796 0184 kbdhid - ok

19:34:48.0890 0184 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

19:34:48.0890 0184 kmixer - ok

19:34:49.0015 0184 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

19:34:49.0031 0184 KSecDD - ok

19:34:49.0250 0184 Lbd (713cd5267abfb86fe90a72e384e82a38) C:\WINDOWS\system32\DRIVERS\Lbd.sys

19:34:49.0250 0184 Lbd - ok

19:34:49.0437 0184 lbrtfdc - ok

19:34:49.0656 0184 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys

19:34:49.0656 0184 MDC8021X - ok

19:34:49.0765 0184 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

19:34:49.0765 0184 mdmxsdk - ok

19:34:49.0859 0184 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\WINDOWS\system32\drivers\mfeapfk.sys

19:34:49.0875 0184 mfeapfk - ok

19:34:49.0953 0184 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\WINDOWS\system32\drivers\mfeavfk.sys

19:34:49.0953 0184 mfeavfk - ok

19:34:50.0140 0184 mfebopk (a528b15e330edb83ea649be318d841d5) C:\WINDOWS\system32\drivers\mfebopk.sys

19:34:50.0140 0184 mfebopk - ok

19:34:50.0265 0184 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\WINDOWS\system32\drivers\mfefirek.sys

19:34:50.0265 0184 mfefirek - ok

19:34:50.0359 0184 mfehidk (5e9679bb2fc4fa38ec8ca906c47acd46) C:\WINDOWS\system32\drivers\mfehidk.sys

19:34:50.0359 0184 mfehidk - ok

19:34:50.0468 0184 mfendisk (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

19:34:50.0468 0184 mfendisk - ok

19:34:50.0484 0184 mfendiskmp (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

19:34:50.0484 0184 mfendiskmp - ok

19:34:50.0609 0184 mferkdet (ce1711f7c3f72f6762abd241dcfd5ee1) C:\WINDOWS\system32\drivers\mferkdet.sys

19:34:50.0609 0184 mferkdet - ok

19:34:50.0796 0184 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys

19:34:50.0796 0184 mferkdk - ok

19:34:50.0921 0184 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys

19:34:50.0921 0184 mfesmfk - ok

19:34:51.0015 0184 mfetdi2k (25e12c68b49a64ffc873603dfd578236) C:\WINDOWS\system32\drivers\mfetdi2k.sys

19:34:51.0015 0184 mfetdi2k - ok

19:34:51.0125 0184 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

19:34:51.0125 0184 mnmdd - ok

19:34:51.0234 0184 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

19:34:51.0234 0184 Modem - ok

19:34:51.0437 0184 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:34:51.0437 0184 Mouclass - ok

19:34:51.0515 0184 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:34:51.0515 0184 mouhid - ok

19:34:51.0578 0184 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

19:34:51.0578 0184 MountMgr - ok

19:34:51.0640 0184 mraid35x - ok

19:34:51.0734 0184 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:34:51.0750 0184 MRxDAV - ok

19:34:51.0890 0184 MRxSmb (ee34615ff9d99612d41354bedd0ce11e) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:34:51.0890 0184 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: ee34615ff9d99612d41354bedd0ce11e, Fake md5: 7d304a5eb4344ebeeab53a2fe3ffb9f0

19:34:51.0890 0184 MRxSmb ( Rootkit.Win32.ZAccess.e ) - infected

19:34:51.0890 0184 MRxSmb - detected Rootkit.Win32.ZAccess.e (0)

19:34:52.0109 0184 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

19:34:52.0109 0184 Msfs - ok

19:34:52.0203 0184 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:34:52.0218 0184 MSKSSRV - ok

19:34:52.0296 0184 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:34:52.0296 0184 MSPCLOCK - ok

19:34:52.0375 0184 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

19:34:52.0375 0184 MSPQM - ok

19:34:52.0484 0184 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:34:52.0484 0184 mssmbios - ok

19:34:52.0593 0184 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

19:34:52.0593 0184 Mup - ok

19:34:52.0671 0184 NAVAP - ok

19:34:52.0687 0184 NAVAPEL - ok

19:34:52.0781 0184 NAVENG - ok

19:34:52.0796 0184 NAVEX15 - ok

19:34:53.0015 0184 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

19:34:53.0015 0184 NDIS - ok

19:34:53.0125 0184 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:34:53.0125 0184 NdisTapi - ok

19:34:53.0187 0184 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:34:53.0187 0184 Ndisuio - ok

19:34:53.0265 0184 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:34:53.0265 0184 NdisWan - ok

19:34:53.0343 0184 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

19:34:53.0343 0184 NDProxy - ok

19:34:53.0421 0184 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

19:34:53.0421 0184 NetBIOS - ok

19:34:53.0609 0184 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

19:34:53.0609 0184 NetBT - ok

19:34:53.0718 0184 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:34:53.0718 0184 NIC1394 - ok

19:34:53.0796 0184 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

19:34:53.0812 0184 Npfs - ok

19:34:53.0906 0184 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

19:34:53.0921 0184 Ntfs - ok

19:34:54.0031 0184 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

19:34:54.0031 0184 Null - ok

19:34:54.0125 0184 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:34:54.0125 0184 NwlnkFlt - ok

19:34:54.0343 0184 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:34:54.0343 0184 NwlnkFwd - ok

19:34:54.0546 0184 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:34:54.0546 0184 ohci1394 - ok

19:34:54.0671 0184 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

19:34:54.0671 0184 Parport - ok

19:34:54.0765 0184 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

19:34:54.0765 0184 PartMgr - ok

19:34:54.0859 0184 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

19:34:54.0859 0184 ParVdm - ok

19:34:55.0031 0184 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

19:34:55.0031 0184 PCI - ok

19:34:55.0093 0184 PCIDump - ok

19:34:55.0171 0184 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

19:34:55.0171 0184 PCIIde - ok

19:34:55.0296 0184 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

19:34:55.0296 0184 Pcmcia - ok

19:34:55.0359 0184 PDCOMP - ok

19:34:55.0437 0184 PDFRAME - ok

19:34:55.0500 0184 PDRELI - ok

19:34:55.0671 0184 PDRFRAME - ok

19:34:55.0734 0184 perc2 - ok

19:34:55.0796 0184 perc2hib - ok

19:34:55.0937 0184 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys

19:34:55.0937 0184 Pfc - ok

19:34:56.0062 0184 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:34:56.0062 0184 PptpMiniport - ok

19:34:56.0156 0184 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

19:34:56.0156 0184 PSched - ok

19:34:56.0359 0184 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:34:56.0359 0184 Ptilink - ok

19:34:56.0515 0184 PxHelp20 (d7e32c33c08ccdbd21d47d291f30d35b) C:\WINDOWS\system32\Drivers\PxHelp20.sys

19:34:56.0515 0184 PxHelp20 - ok

19:34:56.0562 0184 ql1080 - ok

19:34:56.0640 0184 Ql10wnt - ok

19:34:56.0703 0184 ql12160 - ok

19:34:56.0765 0184 ql1240 - ok

19:34:56.0937 0184 ql1280 - ok

19:34:57.0031 0184 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:34:57.0031 0184 RasAcd - ok

19:34:57.0109 0184 Rasirda - ok

19:34:57.0218 0184 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:34:57.0218 0184 Rasl2tp - ok

19:34:57.0296 0184 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:34:57.0296 0184 RasPppoe - ok

19:34:57.0375 0184 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

19:34:57.0375 0184 Raspti - ok

19:34:57.0562 0184 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:34:57.0578 0184 Rdbss - ok

19:34:57.0671 0184 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:34:57.0687 0184 RDPCDD - ok

19:34:57.0812 0184 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

19:34:57.0812 0184 RDPWD - ok

19:34:57.0937 0184 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

19:34:57.0937 0184 redbook - ok

19:34:58.0125 0184 RegFilter (3bc05ec17f0a2bf4f141cb3d3390515e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys

19:34:58.0125 0184 RegFilter - ok

19:34:58.0359 0184 RTL8023xp (1e7978c5e355407efdfc7b7328ef13e7) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys

19:34:58.0359 0184 RTL8023xp - ok

19:34:58.0468 0184 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

19:34:58.0468 0184 sdbus - ok

19:34:58.0546 0184 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:34:58.0546 0184 Secdrv - ok

19:34:58.0656 0184 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

19:34:58.0656 0184 serenum - ok

19:34:58.0765 0184 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

19:34:58.0765 0184 Serial - ok

19:34:58.0921 0184 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

19:34:58.0937 0184 Sfloppy - ok

19:34:59.0093 0184 Simbad - ok

19:34:59.0203 0184 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys

19:34:59.0203 0184 SMCIRDA - ok

19:34:59.0281 0184 Sparrow - ok

19:34:59.0359 0184 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

19:34:59.0359 0184 splitter - ok

19:34:59.0515 0184 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

19:34:59.0515 0184 sr - ok

19:34:59.0656 0184 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

19:34:59.0656 0184 Srv - ok

19:34:59.0828 0184 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

19:34:59.0828 0184 swenum - ok

19:34:59.0890 0184 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

19:34:59.0890 0184 swmidi - ok

19:34:59.0968 0184 symc810 - ok

19:35:00.0109 0184 symc8xx - ok

19:35:00.0203 0184 symlcbrd (6596892dd5abbe48f5876a551867a166) C:\WINDOWS\system32\drivers\symlcbrd.sys

19:35:00.0203 0184 symlcbrd - ok

19:35:00.0250 0184 sym_hi - ok

19:35:00.0328 0184 sym_u3 - ok

19:35:00.0500 0184 SynTP (1a8e6b04907687a8eed75c8031b679fd) C:\WINDOWS\system32\DRIVERS\SynTP.sys

19:35:00.0500 0184 SynTP - ok

19:35:00.0593 0184 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

19:35:00.0593 0184 sysaudio - ok

19:35:00.0687 0184 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:35:00.0703 0184 Tcpip - ok

19:35:00.0765 0184 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

19:35:00.0765 0184 TDPIPE - ok

19:35:00.0843 0184 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

19:35:00.0843 0184 TDTCP - ok

19:35:00.0937 0184 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

19:35:00.0937 0184 TermDD - ok

19:35:01.0125 0184 tifm21 (89cc1e54f1425829894401e604170c5a) C:\WINDOWS\system32\drivers\tifm21.sys

19:35:01.0140 0184 tifm21 - ok

19:35:01.0187 0184 TosIde - ok

19:35:01.0281 0184 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

19:35:01.0281 0184 Udfs - ok

19:35:01.0343 0184 ultra - ok

19:35:01.0468 0184 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

19:35:01.0468 0184 Update - ok

19:35:01.0656 0184 UrlFilter (6a65cd6761337d339001959232233f0d) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys

19:35:01.0656 0184 UrlFilter - ok

19:35:01.0796 0184 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:35:01.0796 0184 usbccgp - ok

19:35:01.0859 0184 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:35:01.0875 0184 usbehci - ok

19:35:01.0953 0184 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:35:01.0953 0184 usbhub - ok

19:35:02.0015 0184 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:35:02.0015 0184 usbprint - ok

19:35:02.0078 0184 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:35:02.0078 0184 usbscan - ok

19:35:02.0187 0184 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:35:02.0187 0184 USBSTOR - ok

19:35:02.0312 0184 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:35:02.0312 0184 usbuhci - ok

19:35:02.0375 0184 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

19:35:02.0375 0184 VgaSave - ok

19:35:02.0453 0184 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

19:35:02.0468 0184 ViaIde - ok

19:35:02.0546 0184 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

19:35:02.0546 0184 VolSnap - ok

19:35:02.0734 0184 w29n51 (960ce9b896750cc02fe5f1103cc23460) C:\WINDOWS\system32\DRIVERS\w29n51.sys

19:35:02.0812 0184 w29n51 - ok

19:35:02.0984 0184 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:35:02.0984 0184 Wanarp - ok

19:35:03.0093 0184 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

19:35:03.0109 0184 Wdf01000 - ok

19:35:03.0171 0184 WDICA - ok

19:35:03.0265 0184 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

19:35:03.0265 0184 wdmaud - ok

19:35:03.0375 0184 winachsf (2a8c145e9e9e63b0071da4f35544ab9d) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

19:35:03.0390 0184 winachsf - ok

19:35:03.0500 0184 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

19:35:03.0500 0184 WmiAcpi - ok

19:35:03.0718 0184 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

19:35:03.0734 0184 WS2IFSL - ok

19:35:03.0828 0184 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:35:03.0828 0184 WudfPf - ok

19:35:03.0906 0184 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:35:03.0906 0184 WudfRd - ok

19:35:03.0968 0184 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0

19:35:04.0062 0184 \Device\Harddisk0\DR0 - ok

19:35:04.0062 0184 Boot (0x1200) (0c7a192f1bec12248432b518ac27bc15) \Device\Harddisk0\DR0\Partition0

19:35:04.0062 0184 \Device\Harddisk0\DR0\Partition0 - ok

19:35:04.0062 0184 ============================================================

19:35:04.0062 0184 Scan finished

19:35:04.0062 0184 ============================================================

19:35:04.0078 1732 Detected object count: 2

19:35:04.0078 1732 Actual detected object count: 2

19:36:02.0656 1732 C:\WINDOWS\3203397148:3809022017.exe - copied to quarantine

19:36:02.0656 1732 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Quarantine

19:36:03.0937 1732 Backup copy found, using it..

19:36:03.0984 1732 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured on reboot

19:36:03.0984 1732 MRxSmb ( Rootkit.Win32.ZAccess.e ) - User select action: Cure

19:36:33.0468 2024 Deinitialize success

During the DDS scan, my computer froze twice. I will keep trying and will post the log when it runs.


Grab a fresh copy of TDSSKiller, run it, and post its log.

Reboot and try DDS with a fresh copy.

Did it. Here's the new TDSSKiller log:

18:53:19.0125 1456 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43

18:53:20.0000 1456 ============================================================

18:53:20.0000 1456 Current date / time: 2011/09/29 18:53:20.0000

18:53:20.0000 1456 SystemInfo:

18:53:20.0000 1456

18:53:20.0000 1456 OS Version: 5.1.2600 ServicePack: 3.0

18:53:20.0000 1456 Product type: Workstation

18:53:20.0000 1456 ComputerName: LAPTOP

18:53:20.0000 1456 UserName: Thanh 'Vivien'

18:53:20.0000 1456 Windows directory: C:\WINDOWS

18:53:20.0000 1456 System windows directory: C:\WINDOWS

18:53:20.0000 1456 Processor architecture: Intel x86

18:53:20.0000 1456 Number of processors: 1

18:53:20.0000 1456 Page size: 0x1000

18:53:20.0000 1456 Boot type: Safe boot with network

18:53:20.0000 1456 ============================================================

18:53:21.0593 1456 Initialize success

18:53:24.0968 1768 ============================================================

18:53:24.0968 1768 Scan started

18:53:24.0968 1768 Mode: Manual;

18:53:24.0968 1768 ============================================================

18:53:26.0468 1768 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\WINDOWS\3203397148:3809022017.exe

18:53:27.0437 1768 Suspicious file (Hidden): C:\WINDOWS\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b

18:53:27.0437 1768 1cf6efbe ( HiddenFile.Multi.Generic ) - warning

18:53:27.0437 1768 1cf6efbe - detected HiddenFile.Multi.Generic (1)

18:53:27.0593 1768 Abiosdsk - ok

18:53:27.0656 1768 abp480n5 - ok

18:53:27.0781 1768 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:53:27.0781 1768 ACPI - ok

18:53:27.0859 1768 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:53:27.0875 1768 ACPIEC - ok

18:53:27.0921 1768 adpu160m - ok

18:53:28.0015 1768 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

18:53:28.0015 1768 aec - ok

18:53:28.0218 1768 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys

18:53:28.0218 1768 AFD - ok

18:53:28.0281 1768 Aha154x - ok

18:53:28.0375 1768 aic78u2 - ok

18:53:28.0437 1768 aic78xx - ok

18:53:28.0546 1768 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

18:53:28.0546 1768 AliIde - ok

18:53:28.0609 1768 amsint - ok

18:53:28.0828 1768 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:53:28.0828 1768 Arp1394 - ok

18:53:28.0890 1768 asc - ok

18:53:28.0953 1768 asc3350p - ok

18:53:29.0031 1768 asc3550 - ok

18:53:29.0156 1768 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:53:29.0156 1768 AsyncMac - ok

18:53:29.0234 1768 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

18:53:29.0234 1768 atapi - ok

18:53:29.0390 1768 Atdisk - ok

18:53:29.0500 1768 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:53:29.0515 1768 Atmarpc - ok

18:53:29.0625 1768 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

18:53:29.0625 1768 audstub - ok

18:53:29.0734 1768 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

18:53:29.0750 1768 Beep - ok

18:53:29.0843 1768 CAMCAUD (9ea1e669afbaab94e673cf68b37d1260) C:\WINDOWS\system32\drivers\camcaud.sys

18:53:29.0859 1768 CAMCAUD - ok

18:53:30.0062 1768 CAMCHALA (c05f17ee176399a49ef1fe74f02f7e93) C:\WINDOWS\system32\drivers\camchal.sys

18:53:30.0078 1768 CAMCHALA - ok

18:53:30.0171 1768 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

18:53:30.0187 1768 cbidf2k - ok

18:53:30.0250 1768 cd20xrnt - ok

18:53:30.0359 1768 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

18:53:30.0359 1768 Cdaudio - ok

18:53:30.0468 1768 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

18:53:30.0468 1768 Cdfs - ok

18:53:30.0515 1768 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:53:30.0515 1768 Cdrom - ok

18:53:30.0703 1768 cfwids (7fd604cd7a7a0ff8975af61bdf64c577) C:\WINDOWS\system32\drivers\cfwids.sys

18:53:30.0703 1768 cfwids - ok

18:53:30.0765 1768 Changer - ok

18:53:30.0875 1768 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:53:30.0875 1768 CmBatt - ok

18:53:30.0921 1768 CmdIde - ok

18:53:31.0046 1768 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:53:31.0046 1768 Compbatt - ok

18:53:31.0140 1768 Cpqarray - ok

18:53:31.0281 1768 dac2w2k - ok

18:53:31.0359 1768 dac960nt - ok

18:53:31.0437 1768 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

18:53:31.0437 1768 Disk - ok

18:53:31.0546 1768 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

18:53:31.0546 1768 dmboot - ok

18:53:31.0640 1768 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

18:53:31.0640 1768 dmio - ok

18:53:31.0765 1768 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

18:53:31.0765 1768 dmload - ok

18:53:31.0937 1768 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

18:53:31.0937 1768 DMusic - ok

18:53:32.0015 1768 dpti2o - ok

18:53:32.0125 1768 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

18:53:32.0125 1768 drmkaud - ok

18:53:32.0234 1768 eabfiltr (81b7808d3b5892388f33273119c2dc31) C:\WINDOWS\system32\drivers\EABFiltr.sys

18:53:32.0234 1768 eabfiltr - ok

18:53:32.0343 1768 eabusb (1ba14da377b66278335d4b9e8824cd42) C:\WINDOWS\system32\drivers\eabusb.sys

18:53:32.0359 1768 eabusb - ok

18:53:32.0484 1768 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

18:53:32.0500 1768 Fastfat - ok

18:53:32.0687 1768 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

18:53:32.0687 1768 Fdc - ok

18:53:32.0875 1768 FileMonitor (c21fc36d3cd28c2726fee10d397216c7) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys

18:53:32.0875 1768 FileMonitor - ok

18:53:33.0015 1768 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

18:53:33.0015 1768 Fips - ok

18:53:33.0093 1768 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

18:53:33.0093 1768 Flpydisk - ok

18:53:33.0171 1768 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

18:53:33.0187 1768 FltMgr - ok

18:53:33.0390 1768 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:53:33.0390 1768 Fs_Rec - ok

18:53:33.0468 1768 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:53:33.0468 1768 Ftdisk - ok

18:53:33.0562 1768 ggflt (4b5fddbcb9407741f47818b8d1ee4a8e) C:\WINDOWS\system32\DRIVERS\ggflt.sys

18:53:33.0578 1768 ggflt - ok

18:53:33.0687 1768 ggsemc (80bbcc9724b24a708ca9489c1e0a1e5f) C:\WINDOWS\system32\DRIVERS\ggsemc.sys

18:53:33.0687 1768 ggsemc - ok

18:53:33.0796 1768 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:53:33.0796 1768 Gpc - ok

18:53:33.0906 1768 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:53:33.0906 1768 HidUsb - ok

18:53:34.0046 1768 hpn - ok

18:53:34.0187 1768 HSFHWICH (eecf0c3b62040f26c62b6579794c702e) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

18:53:34.0187 1768 HSFHWICH - ok

18:53:34.0343 1768 HSF_DP (4683b5d9566b8653d4580c407c8d0fbc) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

18:53:34.0359 1768 HSF_DP - ok

18:53:34.0468 1768 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

18:53:34.0484 1768 HTTP - ok

18:53:34.0562 1768 i2omgmt - ok

18:53:34.0703 1768 i2omp - ok

18:53:34.0781 1768 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:53:34.0781 1768 i8042prt - ok

18:53:34.0921 1768 ialm (7b46903f26a729e68dd73ff7955dfc83) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

18:53:34.0937 1768 ialm - ok

18:53:35.0000 1768 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

18:53:35.0015 1768 Imapi - ok

18:53:35.0140 1768 InCDfs (77200902562a3ffd1812c2255bbb251a) C:\WINDOWS\system32\drivers\InCDfs.sys

18:53:35.0140 1768 InCDfs - ok

18:53:35.0203 1768 InCDPass (38f80b8d8c49a0807c77b6a5e08d7875) C:\WINDOWS\system32\DRIVERS\InCDPass.sys

18:53:35.0203 1768 InCDPass - ok

18:53:35.0375 1768 InCDrec (4b313bc2ba09c551b0fb795a16688e50) C:\WINDOWS\system32\drivers\InCDrec.sys

18:53:35.0375 1768 InCDrec - ok

18:53:35.0453 1768 incdrm (49bccead3ef74fb85e150638e5966992) C:\WINDOWS\system32\drivers\incdrm.sys

18:53:35.0453 1768 incdrm - ok

18:53:35.0546 1768 ini910u - ok

18:53:35.0640 1768 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

18:53:35.0640 1768 IntelIde - ok

18:53:35.0718 1768 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:53:35.0718 1768 intelppm - ok

18:53:35.0812 1768 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

18:53:35.0812 1768 Ip6Fw - ok

18:53:35.0921 1768 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:53:35.0921 1768 IpFilterDriver - ok

18:53:36.0046 1768 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:53:36.0046 1768 IpInIp - ok

18:53:36.0140 1768 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:53:36.0140 1768 IpNat - ok

18:53:36.0250 1768 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:53:36.0250 1768 IPSec - ok

18:53:36.0390 1768 IPVNMon (f60af0f89204a9177d110e3b2bd9fa0b) C:\WINDOWS\system32\drivers\IPVNMon.sys

18:53:36.0390 1768 IPVNMon - ok

18:53:36.0484 1768 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

18:53:36.0484 1768 IRENUM - ok

18:53:36.0609 1768 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:53:36.0609 1768 isapnp - ok

18:53:36.0750 1768 Iviaspi (cd8abfff1387e0f42cf6c6d7cdc19f0d) C:\WINDOWS\system32\drivers\iviaspi.sys

18:53:36.0765 1768 Iviaspi - ok

18:53:36.0859 1768 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:53:36.0859 1768 Kbdclass - ok

18:53:36.0921 1768 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:53:36.0921 1768 kbdhid - ok

18:53:37.0031 1768 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

18:53:37.0046 1768 kmixer - ok

18:53:37.0140 1768 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

18:53:37.0140 1768 KSecDD - ok

18:53:37.0312 1768 Lbd (713cd5267abfb86fe90a72e384e82a38) C:\WINDOWS\system32\DRIVERS\Lbd.sys

18:53:37.0312 1768 Lbd - ok

18:53:37.0406 1768 lbrtfdc - ok

18:53:37.0640 1768 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys

18:53:37.0640 1768 MDC8021X - ok

18:53:37.0734 1768 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:53:37.0734 1768 mdmxsdk - ok

18:53:37.0843 1768 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\WINDOWS\system32\drivers\mfeapfk.sys

18:53:37.0843 1768 mfeapfk - ok

18:53:37.0953 1768 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\WINDOWS\system32\drivers\mfeavfk.sys

18:53:37.0953 1768 mfeavfk - ok

18:53:38.0031 1768 mfebopk (a528b15e330edb83ea649be318d841d5) C:\WINDOWS\system32\drivers\mfebopk.sys

18:53:38.0031 1768 mfebopk - ok

18:53:38.0203 1768 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\WINDOWS\system32\drivers\mfefirek.sys

18:53:38.0203 1768 mfefirek - ok

18:53:38.0281 1768 mfehidk (5e9679bb2fc4fa38ec8ca906c47acd46) C:\WINDOWS\system32\drivers\mfehidk.sys

18:53:38.0296 1768 mfehidk - ok

18:53:38.0453 1768 mfendisk (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

18:53:38.0453 1768 mfendisk - ok

18:53:38.0468 1768 mfendiskmp (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

18:53:38.0468 1768 mfendiskmp - ok

18:53:38.0609 1768 mferkdet (ce1711f7c3f72f6762abd241dcfd5ee1) C:\WINDOWS\system32\drivers\mferkdet.sys

18:53:38.0609 1768 mferkdet - ok

18:53:38.0703 1768 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys

18:53:38.0703 1768 mferkdk - ok

18:53:38.0890 1768 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys

18:53:38.0890 1768 mfesmfk - ok

18:53:38.0984 1768 mfetdi2k (25e12c68b49a64ffc873603dfd578236) C:\WINDOWS\system32\drivers\mfetdi2k.sys

18:53:38.0984 1768 mfetdi2k - ok

18:53:39.0156 1768 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

18:53:39.0156 1768 mnmdd - ok

18:53:39.0265 1768 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

18:53:39.0265 1768 Modem - ok

18:53:39.0375 1768 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:53:39.0375 1768 Mouclass - ok

18:53:39.0515 1768 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:53:39.0515 1768 mouhid - ok

18:53:39.0593 1768 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

18:53:39.0593 1768 MountMgr - ok

18:53:39.0656 1768 mraid35x - ok

18:53:39.0734 1768 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:53:39.0734 1768 MRxDAV - ok

18:53:39.0875 1768 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:53:39.0890 1768 MRxSmb - ok

18:53:40.0031 1768 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

18:53:40.0046 1768 Msfs - ok

18:53:40.0203 1768 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:53:40.0203 1768 MSKSSRV - ok

18:53:40.0312 1768 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:53:40.0312 1768 MSPCLOCK - ok

18:53:40.0406 1768 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

18:53:40.0406 1768 MSPQM - ok

18:53:40.0484 1768 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:53:40.0484 1768 mssmbios - ok

18:53:40.0593 1768 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

18:53:40.0609 1768 Mup - ok

18:53:40.0671 1768 NAVAP - ok

18:53:40.0687 1768 NAVAPEL - ok

18:53:40.0781 1768 NAVENG - ok

18:53:40.0796 1768 NAVEX15 - ok

18:53:40.0984 1768 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

18:53:40.0984 1768 NDIS - ok

18:53:41.0109 1768 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:53:41.0109 1768 NdisTapi - ok

18:53:41.0156 1768 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:53:41.0156 1768 Ndisuio - ok

18:53:41.0234 1768 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:53:41.0234 1768 NdisWan - ok

18:53:41.0375 1768 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

18:53:41.0375 1768 NDProxy - ok

18:53:41.0437 1768 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

18:53:41.0437 1768 NetBIOS - ok

18:53:41.0640 1768 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

18:53:41.0640 1768 NetBT - ok

18:53:41.0750 1768 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:53:41.0750 1768 NIC1394 - ok

18:53:41.0843 1768 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

18:53:41.0843 1768 Npfs - ok

18:53:41.0921 1768 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

18:53:41.0937 1768 Ntfs - ok

18:53:42.0046 1768 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

18:53:42.0062 1768 Null - ok

18:53:42.0156 1768 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:53:42.0156 1768 NwlnkFlt - ok

18:53:42.0343 1768 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:53:42.0359 1768 NwlnkFwd - ok

18:53:42.0468 1768 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:53:42.0468 1768 ohci1394 - ok

18:53:42.0578 1768 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

18:53:42.0593 1768 Parport - ok

18:53:42.0671 1768 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

18:53:42.0671 1768 PartMgr - ok

18:53:42.0765 1768 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

18:53:42.0765 1768 ParVdm - ok

18:53:42.0828 1768 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

18:53:42.0828 1768 PCI - ok

18:53:42.0984 1768 PCIDump - ok

18:53:43.0078 1768 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

18:53:43.0078 1768 PCIIde - ok

18:53:43.0187 1768 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

18:53:43.0187 1768 Pcmcia - ok

18:53:43.0250 1768 PDCOMP - ok

18:53:43.0359 1768 PDFRAME - ok

18:53:43.0421 1768 PDRELI - ok

18:53:43.0500 1768 PDRFRAME - ok

18:53:43.0640 1768 perc2 - ok

18:53:43.0718 1768 perc2hib - ok

18:53:43.0859 1768 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys

18:53:43.0859 1768 Pfc - ok

18:53:43.0968 1768 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:53:43.0968 1768 PptpMiniport - ok

18:53:44.0062 1768 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

18:53:44.0062 1768 PSched - ok

18:53:44.0203 1768 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:53:44.0203 1768 Ptilink - ok

18:53:44.0406 1768 PxHelp20 (d7e32c33c08ccdbd21d47d291f30d35b) C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:53:44.0406 1768 PxHelp20 - ok

18:53:44.0468 1768 ql1080 - ok

18:53:44.0531 1768 Ql10wnt - ok

18:53:44.0593 1768 ql12160 - ok

18:53:44.0656 1768 ql1240 - ok

18:53:44.0734 1768 ql1280 - ok

18:53:44.0828 1768 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:53:44.0828 1768 RasAcd - ok

18:53:44.0984 1768 Rasirda - ok

18:53:45.0093 1768 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:53:45.0093 1768 Rasl2tp - ok

18:53:45.0171 1768 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:53:45.0171 1768 RasPppoe - ok

18:53:45.0250 1768 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:53:45.0250 1768 Raspti - ok

18:53:45.0343 1768 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:53:45.0359 1768 Rdbss - ok

18:53:45.0468 1768 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:53:45.0468 1768 RDPCDD - ok

18:53:45.0671 1768 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

18:53:45.0687 1768 RDPWD - ok

18:53:45.0812 1768 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:53:45.0812 1768 redbook - ok

18:53:46.0000 1768 RegFilter (3bc05ec17f0a2bf4f141cb3d3390515e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys

18:53:46.0000 1768 RegFilter - ok

18:53:46.0156 1768 RTL8023xp (1e7978c5e355407efdfc7b7328ef13e7) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys

18:53:46.0171 1768 RTL8023xp - ok

18:53:46.0296 1768 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

18:53:46.0296 1768 sdbus - ok

18:53:46.0390 1768 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:53:46.0390 1768 Secdrv - ok

18:53:46.0546 1768 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

18:53:46.0562 1768 serenum - ok

18:53:46.0671 1768 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

18:53:46.0671 1768 Serial - ok

18:53:46.0812 1768 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

18:53:46.0812 1768 Sfloppy - ok

18:53:46.0890 1768 Simbad - ok

18:53:46.0984 1768 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys

18:53:47.0000 1768 SMCIRDA - ok

18:53:47.0093 1768 Sparrow - ok

18:53:47.0265 1768 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:53:47.0265 1768 splitter - ok

18:53:47.0406 1768 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

18:53:47.0406 1768 sr - ok

18:53:47.0531 1768 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

18:53:47.0531 1768 Srv - ok

18:53:47.0609 1768 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

18:53:47.0609 1768 swenum - ok

18:53:47.0671 1768 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

18:53:47.0671 1768 swmidi - ok

18:53:47.0781 1768 symc810 - ok

18:53:47.0921 1768 symc8xx - ok

18:53:48.0046 1768 symlcbrd (6596892dd5abbe48f5876a551867a166) C:\WINDOWS\system32\drivers\symlcbrd.sys

18:53:48.0046 1768 symlcbrd - ok

18:53:48.0109 1768 sym_hi - ok

18:53:48.0171 1768 sym_u3 - ok

18:53:48.0296 1768 SynTP (1a8e6b04907687a8eed75c8031b679fd) C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:53:48.0296 1768 SynTP - ok

18:53:48.0421 1768 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

18:53:48.0421 1768 sysaudio - ok

18:53:48.0625 1768 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:53:48.0625 1768 Tcpip - ok

18:53:48.0718 1768 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

18:53:48.0718 1768 TDPIPE - ok

18:53:48.0812 1768 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

18:53:48.0812 1768 TDTCP - ok

18:53:48.0875 1768 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

18:53:48.0890 1768 TermDD - ok

18:53:49.0000 1768 tifm21 (89cc1e54f1425829894401e604170c5a) C:\WINDOWS\system32\drivers\tifm21.sys

18:53:49.0000 1768 tifm21 - ok

18:53:49.0078 1768 TosIde - ok

18:53:49.0281 1768 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

18:53:49.0296 1768 Udfs - ok

18:53:49.0375 1768 ultra - ok

18:53:49.0468 1768 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

18:53:49.0484 1768 Update - ok

18:53:49.0687 1768 UrlFilter (6a65cd6761337d339001959232233f0d) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys

18:53:49.0687 1768 UrlFilter - ok

18:53:49.0765 1768 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:53:49.0781 1768 usbccgp - ok

18:53:49.0859 1768 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:53:49.0859 1768 usbehci - ok

18:53:50.0046 1768 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:53:50.0046 1768 usbhub - ok

18:53:50.0093 1768 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:53:50.0093 1768 usbprint - ok

18:53:50.0171 1768 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:53:50.0171 1768 usbscan - ok

18:53:50.0250 1768 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:53:50.0250 1768 USBSTOR - ok

18:53:50.0359 1768 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:53:50.0359 1768 usbuhci - ok

18:53:50.0421 1768 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

18:53:50.0437 1768 VgaSave - ok

18:53:50.0609 1768 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

18:53:50.0609 1768 ViaIde - ok

18:53:50.0687 1768 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

18:53:50.0687 1768 VolSnap - ok

18:53:50.0890 1768 w29n51 (960ce9b896750cc02fe5f1103cc23460) C:\WINDOWS\system32\DRIVERS\w29n51.sys

18:53:50.0953 1768 w29n51 - ok

18:53:51.0031 1768 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:53:51.0031 1768 Wanarp - ok

18:53:51.0125 1768 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

18:53:51.0140 1768 Wdf01000 - ok

18:53:51.0281 1768 WDICA - ok

18:53:51.0421 1768 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

18:53:51.0421 1768 wdmaud - ok

18:53:51.0562 1768 winachsf (2a8c145e9e9e63b0071da4f35544ab9d) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:53:51.0578 1768 winachsf - ok

18:53:51.0765 1768 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:53:51.0765 1768 WmiAcpi - ok

18:53:51.0906 1768 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:53:51.0906 1768 WS2IFSL - ok

18:53:52.0109 1768 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:53:52.0109 1768 WudfPf - ok

18:53:52.0203 1768 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:53:52.0203 1768 WudfRd - ok

18:53:52.0296 1768 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0

18:53:52.0406 1768 \Device\Harddisk0\DR0 - ok

18:53:52.0421 1768 Boot (0x1200) (0c7a192f1bec12248432b518ac27bc15) \Device\Harddisk0\DR0\Partition0

18:53:52.0421 1768 \Device\Harddisk0\DR0\Partition0 - ok

18:53:52.0437 1768 ============================================================

18:53:52.0437 1768 Scan finished

18:53:52.0437 1768 ============================================================

18:53:52.0453 0252 Detected object count: 1

18:53:52.0453 0252 Actual detected object count: 1

18:54:06.0984 0252 HKLM\SYSTEM\ControlSet002\services\1cf6efbe - will be deleted on reboot

18:54:07.0015 0252 HKLM\SYSTEM\ControlSet003\services\1cf6efbe - will be deleted on reboot

18:54:07.0031 0252 C:\WINDOWS\3203397148:3809022017.exe - will be deleted on reboot

18:54:07.0031 0252 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Delete

18:54:10.0687 1280 Deinitialize success

Unfortunately, the dds.scr continues to freeze my machine, requiring a power-off restart.

  • Staff

Hi,

Instead, download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
