OpenCloud Won't Allow Scan To Complete


Hello folks.

The OpenCloud Security malware is giving me a very hard time. After proceeding with Rkill, I can only get a few seconds into the Malwarebytes scan before it crashes. After it crashes I get an error message when trying to re-open.

As seen in previous threads, I am not the only one having issues with this. As seen in this thread http://forums.malwarebytes.org/index.php?showtopic=96493 I have already completed a TDSSKiller scan and DDS. The logs are below. Your help is greatly appreciated.

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 8.0.6001.18702

Run by Carol Hall at 9:09:11 on 2011-10-03

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3292.3004 [GMT -5:00]

.

AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZUxdm722YYUS&ptb=hsYN6lpP_3JhRB299NP0YQ

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Productivity 1.12 Toolbar: {30421e54-3b57-4e5b-947c-9b6beea57683} - c:\program files\productivity_1.12\prxtbPro2.dll

uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL

uURLSearchHooks: H - No File

BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL

BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: ADC PlugIn: {19090308-636d-4e9b-a1ce-a647b6f794bf} - c:\documents and settings\carol hall\application data\innnf4aamhswjfl\sysl32.dll

BHO: Productivity 1.12 Toolbar: {30421e54-3b57-4e5b-947c-9b6beea57683} - c:\program files\productivity_1.12\prxtbPro2.dll

BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Productivity 1.12 Toolbar: {30421e54-3b57-4e5b-947c-9b6beea57683} - c:\program files\productivity_1.12\prxtbPro2.dll

TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll

TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe

mRun: [RTHDCPL] RTDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12

mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe

mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"

mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe

mRun: [DtzzPPNycA1iD28234A] c:\windows\system32\WKK88fRL9hTXjUe.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000337&p=ZUxdm722YYUS&si=&a=hsYN6lpP_3JhRB299NP0YQ&n=2011072912

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

Trusted Zone: bing.com

Trusted Zone: doccentral.com

Trusted Zone: fnismls.com

Trusted Zone: getmedianow.com

Trusted Zone: live.com

Trusted Zone: rdesk.com

Trusted Zone: rexplorer.net

Trusted Zone: safemls.net

Trusted Zone: showingtime.com

Trusted Zone: sitexdata.com

Trusted Zone: spellchecker.net

Trusted Zone: transactionpoint.com

Trusted Zone: trpoint.com

Trusted Zone: xmlsweb.com

DPF: {0854D220-A90A-466D-BC02-6683183802B7} - hxxp://daar.fnismls.com/Paragon/Codebase/FNISPrintControl.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1279034451328

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{4DC07FB7-A77B-4C46-A840-3B1FADF776EF} : DhcpNameServer = 192.168.0.1 205.171.3.25

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~4\GOEC62~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

LSA: Authentication Packages = msv1_0 wvauth

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\carol hall\application data\mozilla\firefox\profiles\70aj5i0l.default\

FF - component: c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll

FF - component: c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.1970.7372\npCIDetect14.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}

FF - Ext: My Web Search: m3ffxtbr@mywebsearch.com - c:\program files\mywebsearch\bar\1.bin

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

.

============= SERVICES / DRIVERS ===============

.

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-7-8 108392]

R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-7-8 108392]

R3 k57w2k;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [2010-7-2 209960]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-13 135664]

S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2011-7-29 34320]

S2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2009-9-17 2477304]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-7-14 23888]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-9 105592]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-7-13 30192]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-13 135664]

S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110928.001\NAVENG.SYS [2011-9-28 86136]

S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110928.001\NAVEX15.SYS [2011-9-28 1576312]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]

.

=============== Created Last 30 ================

.

2011-10-03 13:47:51 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-03 13:47:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-30 16:21:27 -------- d-----w- c:\documents and settings\all users\application data\PC Tools

2011-09-30 15:52:11 -------- d-----w- c:\documents and settings\carol hall\application data\Malwarebytes

2011-09-30 15:51:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-09-29 17:45:40 -------- d-----w- c:\documents and settings\carol hall\application data\ayyxxA1uvD

2011-09-29 17:41:57 -------- d-----w- c:\documents and settings\carol hall\application data\lXwwjjUVelIBzPy

2011-09-29 17:41:05 -------- d-----w- c:\documents and settings\carol hall\application data\wxAA00uvS2ob3pG

2011-09-29 17:33:30 -------- d-----w- c:\documents and settings\carol hall\application data\innnF4aamHsWJfL

2011-09-29 17:33:29 -------- d-----w- c:\documents and settings\carol hall\application data\XNttxxP0ucS2bDp

2011-09-29 17:26:13 -------- d-----w- c:\documents and settings\carol hall\application data\lyyxxA1uvD2oF4m

2011-09-29 17:26:13 -------- d-----w- c:\documents and settings\carol hall\application data\akkIIBrzPN

2011-09-29 17:26:07 2426368 ----a-w- c:\windows\system32\WKK88fRL9hTXjUe.exe

2011-09-29 17:26:06 -------- d-----w- c:\documents and settings\carol hall\application data\FnnnG55aQH6W

.

==================== Find3M ====================

.

2011-10-03 14:04:04 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-07-29 16:03:19 38320 ----a-w- c:\windows\system32\f3PSSavr.scr

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

.

============= FINISH: 9:09:47.46 ===============

09:01:45.0640 0232 TDSS rootkit removing tool 2.6.3.0 Oct 1 2011 13:14:27

09:01:46.0281 0232 ============================================================

09:01:46.0281 0232 Current date / time: 2011/10/03 09:01:46.0281

09:01:46.0281 0232 SystemInfo:

09:01:46.0281 0232

09:01:46.0281 0232 OS Version: 5.1.2600 ServicePack: 3.0

09:01:46.0281 0232 Product type: Workstation

09:01:46.0281 0232 ComputerName: CBEWR-02

09:01:46.0281 0232 UserName: Carol Hall

09:01:46.0281 0232 Windows directory: C:\WINDOWS

09:01:46.0281 0232 System windows directory: C:\WINDOWS

09:01:46.0281 0232 Processor architecture: Intel x86

09:01:46.0281 0232 Number of processors: 2

09:01:46.0281 0232 Page size: 0x1000

09:01:46.0281 0232 Boot type: Safe boot with network

09:01:46.0281 0232 ============================================================

09:01:47.0281 0232 Initialize success

09:02:08.0734 1836 ============================================================

09:02:08.0734 1836 Scan started

09:02:08.0734 1836 Mode: Manual;

09:02:08.0734 1836 ============================================================

09:02:09.0328 1836 28374799 (72b3f8ea9234c21c094632edc1b0bafa) C:\WINDOWS\2571581224:3620255846.exe

09:02:09.0984 1836 Suspicious file (Hidden): C:\WINDOWS\2571581224:3620255846.exe. md5: 72b3f8ea9234c21c094632edc1b0bafa

09:02:09.0984 1836 28374799 ( HiddenFile.Multi.Generic ) - warning

09:02:09.0984 1836 28374799 - detected HiddenFile.Multi.Generic (1)

09:02:10.0296 1836 AFD (4f25d575a79ff134f0213aebb824f317) C:\WINDOWS\System32\drivers\afd.sys

09:02:10.0296 1836 Suspicious file (Forged): C:\WINDOWS\System32\drivers\afd.sys. Real md5: 4f25d575a79ff134f0213aebb824f317, Fake md5: 355556d9e580915118cd7ef736653a89

09:02:10.0296 1836 AFD ( Rootkit.Win32.ZAccess.e ) - infected

09:02:10.0296 1836 AFD - detected Rootkit.Win32.ZAccess.e (0)


09:02:15.0859 1836 RDPCDD - ok

09:02:15.0890 1836 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

09:02:15.0890 1836 rdpdr - ok

09:02:15.0937 1836 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

09:02:15.0937 1836 RDPWD - ok

09:02:15.0984 1836 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

09:02:15.0984 1836 redbook - ok

09:02:16.0078 1836 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

09:02:16.0078 1836 Secdrv - ok

09:02:16.0125 1836 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

09:02:16.0125 1836 Serenum - ok

09:02:16.0156 1836 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

09:02:16.0156 1836 Serial - ok

09:02:16.0203 1836 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

09:02:16.0203 1836 Sfloppy - ok

09:02:16.0218 1836 Simbad - ok

09:02:16.0312 1836 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

09:02:16.0312 1836 sisagp - ok

09:02:16.0421 1836 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

09:02:16.0437 1836 Sparrow - ok

09:02:16.0484 1836 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

09:02:16.0484 1836 SPBBCDrv - ok

09:02:16.0562 1836 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

09:02:16.0562 1836 splitter - ok

09:02:16.0609 1836 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

09:02:16.0609 1836 sr - ok

09:02:16.0640 1836 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\WINDOWS\system32\Drivers\SRTSP.SYS

09:02:16.0656 1836 SRTSP - ok

09:02:16.0671 1836 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\WINDOWS\system32\Drivers\SRTSPL.SYS

09:02:16.0687 1836 SRTSPL - ok

09:02:16.0703 1836 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\WINDOWS\system32\Drivers\SRTSPX.SYS

09:02:16.0703 1836 SRTSPX - ok

09:02:16.0750 1836 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

09:02:16.0750 1836 Srv - ok

09:02:16.0812 1836 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

09:02:16.0828 1836 swenum - ok

09:02:16.0859 1836 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

09:02:16.0859 1836 swmidi - ok

09:02:16.0921 1836 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

09:02:16.0921 1836 symc810 - ok

09:02:16.0937 1836 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

09:02:16.0937 1836 symc8xx - ok

09:02:17.0000 1836 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

09:02:17.0000 1836 SymEvent - ok

09:02:17.0015 1836 SYMREDRV (394b2368212114d538316812af60fddd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS

09:02:17.0031 1836 SYMREDRV - ok

09:02:17.0046 1836 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\WINDOWS\System32\Drivers\SYMTDI.SYS

09:02:17.0046 1836 SYMTDI - ok

09:02:17.0093 1836 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

09:02:17.0093 1836 sym_hi - ok

09:02:17.0093 1836 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

09:02:17.0093 1836 sym_u3 - ok

09:02:17.0125 1836 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

09:02:17.0140 1836 sysaudio - ok

09:02:17.0187 1836 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

09:02:17.0203 1836 Tcpip - ok

09:02:17.0343 1836 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

09:02:17.0343 1836 TDPIPE - ok

09:02:17.0390 1836 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

09:02:17.0390 1836 TDTCP - ok

09:02:17.0468 1836 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

09:02:17.0468 1836 TermDD - ok

09:02:17.0546 1836 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

09:02:17.0546 1836 TosIde - ok

09:02:17.0625 1836 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

09:02:17.0640 1836 Udfs - ok

09:02:17.0703 1836 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

09:02:17.0703 1836 ultra - ok

09:02:17.0750 1836 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

09:02:17.0750 1836 Update - ok

09:02:17.0890 1836 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

09:02:17.0890 1836 usbccgp - ok

09:02:17.0953 1836 usbehci (4bac8df07f1d8434fc640e677a62204e) C:\WINDOWS\system32\DRIVERS\usbehci.sys

09:02:17.0953 1836 usbehci - ok

09:02:18.0000 1836 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

09:02:18.0000 1836 usbhub - ok

09:02:18.0046 1836 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

09:02:18.0046 1836 usbprint - ok

09:02:18.0093 1836 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

09:02:18.0093 1836 usbscan - ok

09:02:18.0125 1836 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

09:02:18.0125 1836 USBSTOR - ok

09:02:18.0156 1836 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

09:02:18.0156 1836 usbuhci - ok

09:02:18.0203 1836 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

09:02:18.0203 1836 VgaSave - ok

09:02:18.0218 1836 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

09:02:18.0218 1836 viaagp - ok

09:02:18.0234 1836 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

09:02:18.0234 1836 ViaIde - ok

09:02:18.0296 1836 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

09:02:18.0296 1836 VolSnap - ok

09:02:18.0359 1836 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

09:02:18.0359 1836 Wanarp - ok

09:02:18.0406 1836 WavxDMgr (e1369c7a53c76eb681afd0eba348b45a) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys

09:02:18.0406 1836 WavxDMgr - ok

09:02:18.0406 1836 WDICA - ok

09:02:18.0437 1836 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

09:02:18.0437 1836 wdmaud - ok

09:02:18.0625 1836 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

09:02:18.0625 1836 WmiAcpi - ok

09:02:18.0796 1836 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

09:02:18.0796 1836 WS2IFSL - ok

09:02:18.0843 1836 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

09:02:18.0843 1836 WudfPf - ok

09:02:18.0859 1836 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

09:02:18.0875 1836 WudfRd - ok

09:02:18.0921 1836 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

09:02:18.0937 1836 \Device\Harddisk0\DR0 - ok

09:02:18.0937 1836 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR3

09:02:18.0953 1836 \Device\Harddisk1\DR3 - ok

09:02:18.0953 1836 Boot (0x1200) (990834bcb1bb91debd54f46935edb11f) \Device\Harddisk0\DR0\Partition0

09:02:18.0953 1836 \Device\Harddisk0\DR0\Partition0 - ok

09:02:18.0968 1836 Boot (0x1200) (16ea8c716b9a39e87fa3ef98f0a71e7c) \Device\Harddisk1\DR3\Partition0

09:02:18.0968 1836 \Device\Harddisk1\DR3\Partition0 - ok

09:02:18.0968 1836 ============================================================

09:02:18.0968 1836 Scan finished

09:02:18.0968 1836 ============================================================

09:02:19.0000 0736 Detected object count: 2

09:02:19.0000 0736 Actual detected object count: 2

09:03:13.0718 0736 HKLM\SYSTEM\ControlSet001\services\28374799 - will be deleted on reboot

09:03:13.0734 0736 HKLM\SYSTEM\ControlSet003\services\28374799 - will be deleted on reboot

09:03:13.0734 0736 C:\WINDOWS\2571581224:3620255846.exe - will be deleted on reboot

09:03:13.0734 0736 28374799 ( HiddenFile.Multi.Generic ) - User select action: Delete

09:03:14.0375 0736 Backup copy found, using it..

09:03:14.0390 0736 C:\WINDOWS\System32\drivers\afd.sys - will be cured on reboot

09:03:14.0390 0736 AFD ( Rootkit.Win32.ZAccess.e ) - User select action: Cure

09:03:36.0968 0224 Deinitialize success


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
