
Can't run Malwarebytes Scan or any other antivirus scans, Had OpenCloud AV



My computer runs on Windows Vista. I noticed that I had OpenCloud AV and tried running a Malwarebytes scan after updating to the current version and updating the database. The scan ran for a few seconds and ended. Now I can't start it. I can't start Microsoft Security Essentials either. I tried RKill and tried running in safe mode with networking; nothing helped.

Here is the TDSSKiller log, please help:

18:21:40.0415 3924 TDSS rootkit removing tool 2.6.4.0 Oct 3 2011 17:37:01

18:21:41.0013 3924 ============================================================

18:21:41.0013 3924 Current date / time: 2011/10/03 18:21:41.0013

18:21:41.0013 3924 SystemInfo:

18:21:41.0013 3924

18:21:41.0013 3924 OS Version: 6.0.6002 ServicePack: 2.0

18:21:41.0013 3924 Product type: Workstation

18:21:41.0013 3924 ComputerName: MIMI-PC

18:21:41.0013 3924 UserName: mimi

18:21:41.0013 3924 Windows directory: C:\Windows

18:21:41.0014 3924 System windows directory: C:\Windows

18:21:41.0014 3924 Processor architecture: Intel x86

18:21:41.0014 3924 Number of processors: 2

18:21:41.0014 3924 Page size: 0x1000

18:21:41.0014 3924 Boot type: Normal boot

18:21:41.0014 3924 ============================================================

18:21:41.0452 3924 Initialize success

18:21:45.0066 3952 ============================================================

18:21:45.0066 3952 Scan started

18:21:45.0066 3952 Mode: Manual;

18:21:45.0066 3952 ============================================================

18:21:45.0927 3952 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\Windows\3203397148:3809022017.exe

18:21:45.0928 3952 Suspicious file (Hidden): C:\Windows\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b

18:21:45.0928 3952 1cf6efbe ( HiddenFile.Multi.Generic ) - warning

18:21:45.0928 3952 1cf6efbe - detected HiddenFile.Multi.Generic (1)

18:21:46.0715 3952 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

18:21:46.0722 3952 ACPI - ok

18:21:46.0796 3952 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

18:21:46.0819 3952 adp94xx - ok

18:21:46.0903 3952 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

18:21:46.0911 3952 adpahci - ok

18:21:46.0965 3952 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

18:21:46.0969 3952 adpu160m - ok

18:21:47.0022 3952 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

18:21:47.0027 3952 adpu320 - ok

18:21:47.0124 3952 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

18:21:47.0136 3952 AFD - ok

18:21:47.0206 3952 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

18:21:47.0209 3952 agp440 - ok

18:21:47.0282 3952 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

18:21:47.0285 3952 aic78xx - ok

18:21:47.0355 3952 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

18:21:47.0358 3952 aliide - ok

18:21:47.0419 3952 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

18:21:47.0422 3952 amdagp - ok

18:21:47.0473 3952 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

18:21:47.0475 3952 amdide - ok

18:21:47.0513 3952 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

18:21:47.0515 3952 AmdK7 - ok

18:21:47.0565 3952 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

18:21:47.0568 3952 AmdK8 - ok

18:21:47.0697 3952 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

18:21:47.0724 3952 arc - ok

18:21:47.0819 3952 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

18:21:47.0822 3952 arcsas - ok

18:21:47.0884 3952 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

18:21:47.0886 3952 AsyncMac - ok

18:21:47.0942 3952 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

18:21:47.0945 3952 atapi - ok

18:21:48.0033 3952 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys

18:21:48.0056 3952 BCM43XV - ok

18:21:48.0115 3952 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

18:21:48.0121 3952 Beep - ok

18:21:48.0192 3952 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

18:21:48.0195 3952 blbdrive - ok

18:21:48.0275 3952 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

18:21:48.0279 3952 bowser - ok

18:21:48.0334 3952 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

18:21:48.0337 3952 BrFiltLo - ok

18:21:48.0386 3952 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

18:21:48.0388 3952 BrFiltUp - ok

18:21:48.0440 3952 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

18:21:48.0442 3952 Brserid - ok

18:21:48.0494 3952 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

18:21:48.0496 3952 BrSerWdm - ok

18:21:48.0559 3952 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

18:21:48.0561 3952 BrUsbMdm - ok

18:21:48.0601 3952 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

18:21:48.0603 3952 BrUsbSer - ok

18:21:48.0651 3952 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

18:21:48.0669 3952 BTHMODEM - ok

18:21:48.0781 3952 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

18:21:48.0783 3952 cdfs - ok

18:21:48.0882 3952 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

18:21:48.0885 3952 cdrom - ok

18:21:48.0958 3952 cfwids (7e6f7da1c4de5680820f964562548949) C:\Windows\system32\drivers\cfwids.sys

18:21:48.0959 3952 cfwids - ok

18:21:49.0025 3952 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

18:21:49.0027 3952 circlass - ok

18:21:49.0114 3952 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

18:21:49.0119 3952 CLFS - ok

18:21:49.0195 3952 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

18:21:49.0197 3952 CmBatt - ok

18:21:49.0289 3952 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

18:21:49.0297 3952 cmdide - ok

18:21:49.0335 3952 COH_Mon - ok

18:21:49.0411 3952 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

18:21:49.0413 3952 Compbatt - ok

18:21:49.0446 3952 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

18:21:49.0448 3952 crcdisk - ok

18:21:49.0490 3952 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

18:21:49.0492 3952 Crusoe - ok

18:21:49.0583 3952 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\Windows\system32\DRIVERS\ctxusbm.sys

18:21:49.0586 3952 ctxusbm - ok

18:21:49.0680 3952 DfsC (2cb5e3b0b607ac7fb7dfd96733986e3f) C:\Windows\system32\Drivers\dfsc.sys

18:21:49.0683 3952 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: 2cb5e3b0b607ac7fb7dfd96733986e3f, Fake md5: 622c41a07ca7e6dd91770f50d532cb6c

18:21:49.0684 3952 DfsC ( ForgedFile.Multi.Generic ) - warning

18:21:49.0684 3952 DfsC - detected ForgedFile.Multi.Generic (1)

18:21:49.0754 3952 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

18:21:49.0757 3952 disk - ok

18:21:49.0942 3952 dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

18:21:49.0946 3952 dot4 - ok

18:21:50.0025 3952 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

18:21:50.0028 3952 Dot4Print - ok

18:21:50.0085 3952 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

18:21:50.0088 3952 dot4usb - ok

18:21:50.0158 3952 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

18:21:50.0160 3952 drmkaud - ok

18:21:50.0257 3952 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

18:21:50.0280 3952 DXGKrnl - ok

18:21:50.0343 3952 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

18:21:50.0347 3952 E1G60 - ok

18:21:50.0457 3952 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

18:21:50.0463 3952 Ecache - ok

18:21:50.0536 3952 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

18:21:50.0559 3952 elxstor - ok

18:21:50.0620 3952 EraserUtilRebootDrv - ok

18:21:50.0692 3952 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

18:21:50.0694 3952 ErrDev - ok

18:21:50.0803 3952 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

18:21:50.0808 3952 exfat - ok

18:21:50.0929 3952 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

18:21:50.0934 3952 fastfat - ok

18:21:50.0990 3952 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

18:21:50.0992 3952 fdc - ok

18:21:51.0071 3952 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

18:21:51.0074 3952 FileInfo - ok

18:21:51.0107 3952 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

18:21:51.0109 3952 Filetrace - ok

18:21:51.0155 3952 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

18:21:51.0156 3952 flpydisk - ok

18:21:51.0261 3952 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

18:21:51.0265 3952 FltMgr - ok

18:21:51.0326 3952 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

18:21:51.0327 3952 Fs_Rec - ok

18:21:51.0383 3952 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

18:21:51.0385 3952 gagp30kx - ok

18:21:51.0432 3952 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\Windows\system32\Drivers\GEARAspiWDM.sys

18:21:51.0434 3952 GEARAspiWDM - ok

18:21:51.0495 3952 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

18:21:51.0501 3952 HdAudAddService - ok

18:21:51.0587 3952 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

18:21:51.0610 3952 HDAudBus - ok

18:21:51.0672 3952 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

18:21:51.0674 3952 HidBth - ok

18:21:51.0735 3952 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

18:21:51.0737 3952 HidIr - ok

18:21:51.0784 3952 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

18:21:51.0785 3952 HidUsb - ok

18:21:51.0854 3952 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

18:21:51.0856 3952 HpCISSs - ok

18:21:51.0966 3952 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

18:21:51.0968 3952 HpqKbFiltr - ok

18:21:52.0013 3952 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys

18:21:52.0015 3952 HpqRemHid - ok

18:21:52.0085 3952 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

18:21:52.0091 3952 HSFHWAZL - ok

18:21:52.0172 3952 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS

18:21:52.0207 3952 HSF_DPV - ok

18:21:52.0297 3952 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

18:21:52.0320 3952 HTTP - ok

18:21:52.0377 3952 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

18:21:52.0379 3952 i2omp - ok

18:21:52.0431 3952 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

18:21:52.0433 3952 i8042prt - ok

18:21:52.0590 3952 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys

18:21:52.0594 3952 iaStor - ok

18:21:52.0672 3952 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

18:21:52.0679 3952 iaStorV - ok

18:21:52.0812 3952 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

18:21:52.0881 3952 igfx - ok

18:21:53.0001 3952 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

18:21:53.0002 3952 iirsp - ok

18:21:53.0099 3952 IntcAzAudAddService (8d7eb1fd498fd0a34c95a298685ec1c7) C:\Windows\system32\drivers\RTKVHDA.sys

18:21:53.0144 3952 IntcAzAudAddService - ok

18:21:53.0224 3952 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

18:21:53.0226 3952 intelide - ok

18:21:53.0247 3952 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

18:21:53.0248 3952 intelppm - ok

18:21:53.0286 3952 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:21:53.0288 3952 IpFilterDriver - ok

18:21:53.0346 3952 IpInIp - ok

18:21:53.0403 3952 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

18:21:53.0406 3952 IPMIDRV - ok

18:21:53.0448 3952 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

18:21:53.0452 3952 IPNAT - ok

18:21:53.0532 3952 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

18:21:53.0535 3952 IRENUM - ok

18:21:53.0587 3952 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

18:21:53.0590 3952 isapnp - ok

18:21:53.0674 3952 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

18:21:53.0678 3952 iScsiPrt - ok

18:21:53.0745 3952 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

18:21:53.0747 3952 iteatapi - ok

18:21:53.0817 3952 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

18:21:53.0819 3952 iteraid - ok

18:21:53.0876 3952 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

18:21:53.0878 3952 kbdclass - ok

18:21:53.0945 3952 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

18:21:53.0948 3952 kbdhid - ok

18:21:54.0100 3952 KSecDD (ea7f1d605518486269f45bd80fa00907) C:\Windows\system32\Drivers\ksecdd.sys

18:21:54.0124 3952 KSecDD - ok

18:21:54.0201 3952 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

18:21:54.0204 3952 lltdio - ok

18:21:54.0280 3952 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

18:21:54.0285 3952 LSI_FC - ok

18:21:54.0336 3952 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

18:21:54.0340 3952 LSI_SAS - ok

18:21:54.0396 3952 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

18:21:54.0401 3952 LSI_SCSI - ok

18:21:54.0466 3952 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

18:21:54.0470 3952 luafv - ok

18:21:54.0570 3952 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

18:21:54.0587 3952 MBAMProtector - ok

18:21:54.0762 3952 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

18:21:54.0764 3952 megasas - ok

18:21:54.0817 3952 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

18:21:54.0840 3952 MegaSR - ok

18:21:54.0927 3952 mfeapfk (84d59a3eddfb9438fb94f7f80d37859d) C:\Windows\system32\drivers\mfeapfk.sys

18:21:54.0929 3952 mfeapfk - ok

18:21:54.0984 3952 mfeavfk (67e961988312b1a28d6f93357b0bf998) C:\Windows\system32\drivers\mfeavfk.sys

18:21:54.0987 3952 mfeavfk - ok

18:21:55.0098 3952 mfebopk (19161b1796cf74a6a326abde309062ba) C:\Windows\system32\drivers\mfebopk.sys

18:21:55.0100 3952 mfebopk - ok

18:21:55.0190 3952 mfefirek (d5f89b4934960c70882924d992c6abfc) C:\Windows\system32\drivers\mfefirek.sys

18:21:55.0195 3952 mfefirek - ok

18:21:55.0309 3952 mfehidk (0efab2b91b27543fe589de700de07136) C:\Windows\system32\drivers\mfehidk.sys

18:21:55.0314 3952 mfehidk - ok

18:21:55.0368 3952 mfenlfk (b4022e16569bbd1a85e68e7e78e68880) C:\Windows\system32\DRIVERS\mfenlfk.sys

18:21:55.0371 3952 mfenlfk - ok

18:21:55.0444 3952 mferkdet (c9eda1eada2ab6e34cd1a10c3a24ab25) C:\Windows\system32\drivers\mferkdet.sys

18:21:55.0446 3952 mferkdet - ok

18:21:55.0504 3952 mfewfpk (183f32c79d1693170df3baecec611125) C:\Windows\system32\drivers\mfewfpk.sys

18:21:55.0507 3952 mfewfpk - ok

18:21:55.0629 3952 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

18:21:55.0631 3952 Modem - ok

18:21:55.0661 3952 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

18:21:55.0663 3952 monitor - ok

18:21:55.0715 3952 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

18:21:55.0717 3952 mouclass - ok

18:21:55.0786 3952 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

18:21:55.0789 3952 mouhid - ok

18:21:55.0826 3952 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

18:21:55.0829 3952 MountMgr - ok

18:21:55.0878 3952 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

18:21:55.0884 3952 MpFilter - ok

18:21:55.0986 3952 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

18:21:55.0990 3952 mpio - ok

18:21:56.0052 3952 MpKsl601e844b - ok

18:21:56.0149 3952 MpKsld1c23a23 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43D73478-09A1-4727-8684-2410A0BABF5C}\MpKsld1c23a23.sys

18:21:56.0156 3952 MpKsld1c23a23 - ok

18:21:56.0240 3952 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

18:21:56.0243 3952 MpNWMon - ok

18:21:56.0308 3952 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

18:21:56.0311 3952 mpsdrv - ok

18:21:56.0406 3952 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

18:21:56.0408 3952 Mraid35x - ok

18:21:56.0497 3952 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

18:21:56.0501 3952 MRxDAV - ok

18:21:56.0593 3952 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

18:21:56.0598 3952 mrxsmb - ok

18:21:56.0693 3952 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:21:56.0702 3952 mrxsmb10 - ok

18:21:56.0827 3952 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:21:56.0852 3952 mrxsmb20 - ok

18:21:57.0036 3952 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

18:21:57.0039 3952 msahci - ok

18:21:57.0080 3952 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

18:21:57.0084 3952 msdsm - ok

18:21:57.0173 3952 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

18:21:57.0175 3952 Msfs - ok

18:21:57.0226 3952 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

18:21:57.0229 3952 msisadrv - ok

18:21:57.0289 3952 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

18:21:57.0291 3952 MSKSSRV - ok

18:21:57.0360 3952 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

18:21:57.0363 3952 MSPCLOCK - ok

18:21:57.0456 3952 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

18:21:57.0458 3952 MSPQM - ok

18:21:57.0540 3952 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

18:21:57.0546 3952 MsRPC - ok

18:21:57.0623 3952 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

18:21:57.0625 3952 mssmbios - ok

18:21:57.0738 3952 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

18:21:57.0740 3952 MSTEE - ok

18:21:57.0841 3952 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

18:21:57.0844 3952 Mup - ok

18:21:57.0944 3952 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

18:21:57.0950 3952 NativeWifiP - ok

18:21:58.0091 3952 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

18:21:58.0115 3952 NDIS - ok

18:21:58.0183 3952 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

18:21:58.0185 3952 NdisTapi - ok

18:21:58.0227 3952 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

18:21:58.0230 3952 Ndisuio - ok

18:21:58.0322 3952 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

18:21:58.0326 3952 NdisWan - ok

18:21:58.0376 3952 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

18:21:58.0379 3952 NDProxy - ok

18:21:58.0427 3952 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

18:21:58.0430 3952 NetBIOS - ok

18:21:58.0527 3952 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

18:21:58.0533 3952 netbt - ok

18:21:58.0779 3952 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys

18:21:59.0362 3952 NETw4v32 - ok

18:21:59.0467 3952 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

18:21:59.0469 3952 nfrd960 - ok

18:21:59.0529 3952 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

18:21:59.0532 3952 NisDrv - ok

18:21:59.0621 3952 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

18:21:59.0626 3952 Npfs - ok

18:21:59.0672 3952 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

18:21:59.0674 3952 nsiproxy - ok

18:21:59.0976 3952 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

18:22:00.0055 3952 Ntfs - ok

18:22:00.0122 3952 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

18:22:00.0126 3952 ntrigdigi - ok

18:22:00.0172 3952 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

18:22:00.0175 3952 Null - ok

18:22:00.0217 3952 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys

18:22:00.0226 3952 NVENETFD - ok

18:22:00.0314 3952 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

18:22:00.0319 3952 nvraid - ok

18:22:00.0353 3952 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

18:22:00.0385 3952 nvstor - ok

18:22:00.0523 3952 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

18:22:00.0526 3952 nv_agp - ok

18:22:00.0557 3952 NwlnkFlt - ok

18:22:00.0579 3952 NwlnkFwd - ok

18:22:00.0686 3952 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

18:22:00.0687 3952 ohci1394 - ok

18:22:00.0755 3952 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

18:22:00.0757 3952 Parport - ok

18:22:01.0025 3952 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

18:22:01.0027 3952 partmgr - ok

18:22:01.0088 3952 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

18:22:01.0089 3952 Parvdm - ok

18:22:01.0159 3952 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

18:22:01.0163 3952 pci - ok

18:22:01.0205 3952 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

18:22:01.0207 3952 pciide - ok

18:22:01.0267 3952 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

18:22:01.0272 3952 pcmcia - ok

18:22:01.0348 3952 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

18:22:01.0383 3952 PEAUTH - ok

18:22:01.0489 3952 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

18:22:01.0491 3952 PptpMiniport - ok

18:22:01.0535 3952 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

18:22:01.0537 3952 Processor - ok

18:22:01.0627 3952 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

18:22:01.0629 3952 PSched - ok

18:22:01.0722 3952 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

18:22:01.0757 3952 ql2300 - ok

18:22:01.0806 3952 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

18:22:01.0809 3952 ql40xx - ok

18:22:01.0866 3952 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

18:22:01.0868 3952 QWAVEdrv - ok

18:22:01.0909 3952 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

18:22:01.0911 3952 RasAcd - ok

18:22:02.0040 3952 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

18:22:02.0043 3952 Rasl2tp - ok

18:22:02.0105 3952 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

18:22:02.0108 3952 RasPppoe - ok

18:22:02.0191 3952 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

18:22:02.0194 3952 RasSstp - ok

18:22:02.0283 3952 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

18:22:02.0289 3952 rdbss - ok

18:22:02.0328 3952 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

18:22:02.0330 3952 RDPCDD - ok

18:22:02.0370 3952 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

18:22:02.0376 3952 rdpdr - ok

18:22:02.0415 3952 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

18:22:02.0417 3952 RDPENCDD - ok

18:22:02.0547 3952 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

18:22:02.0553 3952 RDPWD - ok

18:22:02.0641 3952 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

18:22:02.0644 3952 rimmptsk - ok

18:22:02.0675 3952 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

18:22:02.0678 3952 rimsptsk - ok

18:22:02.0716 3952 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

18:22:02.0719 3952 rismxdp - ok

18:22:02.0770 3952 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

18:22:02.0773 3952 rspndr - ok

18:22:02.0825 3952 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys

18:22:02.0841 3952 RTL8169 - ok

18:22:02.0962 3952 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

18:22:02.0966 3952 sbp2port - ok

18:22:03.0067 3952 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

18:22:03.0068 3952 sdbus - ok

18:22:03.0124 3952 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

18:22:03.0125 3952 secdrv - ok

18:22:03.0181 3952 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

18:22:03.0183 3952 Serenum - ok

18:22:03.0228 3952 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

18:22:03.0231 3952 Serial - ok

18:22:03.0277 3952 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

18:22:03.0279 3952 sermouse - ok

18:22:03.0348 3952 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

18:22:03.0350 3952 sffdisk - ok

18:22:03.0396 3952 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

18:22:03.0398 3952 sffp_mmc - ok

18:22:03.0435 3952 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

18:22:03.0436 3952 sffp_sd - ok

18:22:03.0478 3952 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

18:22:03.0480 3952 sfloppy - ok

18:22:03.0537 3952 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

18:22:03.0558 3952 sisagp - ok

18:22:03.0611 3952 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

18:22:03.0630 3952 SiSRaid2 - ok

18:22:03.0685 3952 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

18:22:03.0689 3952 SiSRaid4 - ok

18:22:03.0796 3952 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

18:22:03.0799 3952 Smb - ok

18:22:03.0989 3952 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys

18:22:04.0023 3952 smserial - ok

18:22:04.0147 3952 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

18:22:04.0149 3952 spldr - ok

18:22:04.0288 3952 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

18:22:04.0294 3952 srv - ok

18:22:04.0343 3952 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

18:22:04.0347 3952 srv2 - ok

18:22:04.0397 3952 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

18:22:04.0400 3952 srvnet - ok

18:22:04.0520 3952 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

18:22:04.0532 3952 swenum - ok

18:22:04.0662 3952 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

18:22:04.0664 3952 Symc8xx - ok

18:22:04.0705 3952 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

18:22:04.0707 3952 Sym_hi - ok

18:22:04.0747 3952 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

18:22:08.0617 3952 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0

18:22:08.0647 3952 \Device\Harddisk0\DR0 - ok

18:22:08.0652 3952 Boot (0x1200) (1fac30270fc209710d1e782b8d80a8f2) \Device\Harddisk0\DR0\Partition0

18:22:08.0654 3952 \Device\Harddisk0\DR0\Partition0 - ok

18:22:08.0656 3952 Boot (0x1200) (486b6d319a106d46b6871fbb06ea3800) \Device\Harddisk0\DR0\Partition1

18:22:08.0657 3952 \Device\Harddisk0\DR0\Partition1 - ok

18:22:08.0659 3952 ============================================================

18:22:08.0659 3952 Scan finished

18:22:08.0659 3952 ============================================================

18:22:08.0673 3964 Detected object count: 2

18:22:08.0674 3964 Actual detected object count: 2

18:22:32.0459 3964 C:\Windows\3203397148:3809022017.exe - copied to quarantine

18:22:32.0460 3964 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Quarantine

18:22:32.0558 3964 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine

18:22:32.0558 3964 DfsC ( ForgedFile.Multi.Generic ) - User select action: Quarantine

18:22:40.0039 3036 ============================================================

18:22:40.0039 3036 Scan started

18:22:40.0039 3036 Mode: Manual;

18:22:40.0039 3036 ============================================================

18:22:40.0333 3036 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\Windows\3203397148:3809022017.exe

18:22:40.0333 3036 Suspicious file (Hidden): C:\Windows\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b

18:22:40.0334 3036 1cf6efbe ( HiddenFile.Multi.Generic ) - warning

18:22:40.0334 3036 1cf6efbe - detected HiddenFile.Multi.Generic (1)

18:22:43.0719 3036 DfsC (2cb5e3b0b607ac7fb7dfd96733986e3f) C:\Windows\system32\Drivers\dfsc.sys

18:22:43.0720 3036 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: 2cb5e3b0b607ac7fb7dfd96733986e3f, Fake md5: 622c41a07ca7e6dd91770f50d532cb6c

18:22:43.0721 3036 DfsC ( ForgedFile.Multi.Generic ) - warning

18:22:43.0721 3036 DfsC - detected ForgedFile.Multi.Generic (1)


18:23:13.0518 3036 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys

18:23:13.0520 3036 SynTP - ok

18:23:13.0845 3036 Tcpip (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\drivers\tcpip.sys

18:23:13.0855 3036 Tcpip - ok

18:23:14.0052 3036 Tcpip6 (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\DRIVERS\tcpip.sys

18:23:14.0064 3036 Tcpip6 - ok

18:23:14.0194 3036 tcpipreg (36606b165d04a397bdf613096986d85d) C:\Windows\system32\drivers\tcpipreg.sys

18:23:14.0196 3036 tcpipreg - ok

18:23:14.0354 3036 tdisnap - ok

18:23:14.0431 3036 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

18:23:14.0440 3036 TDPIPE - ok

18:23:14.0691 3036 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

18:23:14.0693 3036 TDTCP - ok

18:23:14.0809 3036 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

18:23:14.0811 3036 tdx - ok

18:23:14.0976 3036 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

18:23:14.0979 3036 TermDD - ok

18:23:15.0095 3036 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

18:23:15.0097 3036 tssecsrv - ok

18:23:15.0191 3036 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

18:23:15.0194 3036 tunmp - ok

18:23:15.0266 3036 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

18:23:15.0268 3036 tunnel - ok

18:23:15.0355 3036 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

18:23:15.0357 3036 uagp35 - ok

18:23:15.0465 3036 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

18:23:15.0468 3036 udfs - ok

18:23:15.0603 3036 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

18:23:15.0605 3036 uliagpkx - ok

18:23:15.0696 3036 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

18:23:15.0698 3036 uliahci - ok

18:23:15.0840 3036 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

18:23:15.0841 3036 UlSata - ok

18:23:15.0917 3036 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

18:23:15.0919 3036 ulsata2 - ok

18:23:15.0991 3036 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

18:23:15.0993 3036 umbus - ok

18:23:16.0055 3036 USBAAPL (df38374e12e73c25b37b6f8a9b8622ef) C:\Windows\system32\Drivers\usbaapl.sys

18:23:16.0056 3036 USBAAPL - ok

18:23:16.0127 3036 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

18:23:16.0128 3036 usbccgp - ok

18:23:16.0226 3036 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

18:23:16.0227 3036 usbcir - ok

18:23:16.0321 3036 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

18:23:16.0323 3036 usbehci - ok

18:23:16.0513 3036 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

18:23:16.0516 3036 usbhub - ok

18:23:16.0631 3036 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys

18:23:16.0633 3036 usbohci - ok

18:23:16.0689 3036 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

18:23:16.0691 3036 usbprint - ok

18:23:16.0855 3036 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:23:16.0858 3036 USBSTOR - ok

18:23:17.0020 3036 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

18:23:17.0022 3036 usbuhci - ok

18:23:17.0187 3036 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

18:23:17.0190 3036 usbvideo - ok

18:23:17.0386 3036 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

18:23:17.0388 3036 vga - ok

18:23:17.0494 3036 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

18:23:17.0496 3036 VgaSave - ok

18:23:17.0639 3036 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

18:23:17.0642 3036 viaagp - ok

18:23:17.0811 3036 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

18:23:17.0813 3036 ViaC7 - ok

18:23:18.0013 3036 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

18:23:18.0015 3036 viaide - ok

18:23:18.0080 3036 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

18:23:18.0082 3036 volmgr - ok

18:23:18.0306 3036 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

18:23:18.0310 3036 volmgrx - ok

18:23:18.0600 3036 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

18:23:18.0604 3036 volsnap - ok

18:23:18.0753 3036 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

18:23:18.0756 3036 vsmraid - ok

18:23:18.0836 3036 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

18:23:18.0838 3036 WacomPen - ok

18:23:18.0924 3036 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

18:23:18.0926 3036 Wanarp - ok

18:23:18.0935 3036 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

18:23:18.0936 3036 Wanarpv6 - ok

18:23:19.0021 3036 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

18:23:19.0023 3036 Wd - ok

18:23:19.0186 3036 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

18:23:19.0190 3036 Wdf01000 - ok

18:23:19.0365 3036 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

18:23:19.0371 3036 winachsf - ok

18:23:19.0557 3036 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

18:23:19.0558 3036 WmiAcpi - ok

18:23:19.0648 3036 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

18:23:19.0649 3036 WpdUsb - ok

18:23:19.0748 3036 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

18:23:19.0750 3036 ws2ifsl - ok

18:23:19.0830 3036 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

18:23:19.0832 3036 WUDFRd - ok

18:23:19.0880 3036 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0

18:23:19.0952 3036 \Device\Harddisk0\DR0 - ok

18:23:19.0957 3036 Boot (0x1200) (1fac30270fc209710d1e782b8d80a8f2) \Device\Harddisk0\DR0\Partition0

18:23:19.0959 3036 \Device\Harddisk0\DR0\Partition0 - ok

18:23:19.0966 3036 Boot (0x1200) (486b6d319a106d46b6871fbb06ea3800) \Device\Harddisk0\DR0\Partition1

18:23:19.0968 3036 \Device\Harddisk0\DR0\Partition1 - ok

18:23:19.0970 3036 ============================================================

18:23:19.0970 3036 Scan finished

18:23:19.0970 3036 ============================================================

18:23:19.0987 3112 Detected object count: 2

18:23:19.0987 3112 Actual detected object count: 2

18:23:43.0539 3112 1cf6efbe ( HiddenFile.Multi.Generic ) - skipped by user

18:23:43.0539 3112 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Skip

18:23:43.0541 3112 DfsC ( ForgedFile.Multi.Generic ) - skipped by user

18:23:43.0541 3112 DfsC ( ForgedFile.Multi.Generic ) - User select action: Skip

18:23:51.0183 0556 Deinitialize success

Sorry here is my DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.19120 BrowserJavaVersion: 1.6.0_18

Run by mimi at 20:14:32 on 2011-10-03

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1307 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k Akamai

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

uInternet Settings,ProxyOverride = *.local

mSearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

mURLSearchHooks: FroggyBoss Class: {539f76fd-084e-4858-86d5-62f02f54ae86} - c:\program files\minibar\Froggy.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.5.0\PriceGongIE.dll

BHO: adfabonppr Object: {26d02f99-ae5b-4533-ad67-e23b4b20d60d} - c:\windows\$blstun$\qgnnv.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: Fast Search: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - c:\program files\surf canyon\surfcanyon.dll

BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: brumabonpgrm Object: {795f4311-02c9-4b7b-a9bb-78d4fe68a98d} - c:\windows\$blstun$\lmatn.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101103034751.dll

BHO: MrFroggy Class: {856e12b5-22d7-4e22-9aca-ea9a008dd65b} - c:\program files\minibar\Froggy.dll

BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - c:\program files\minibar\Kango.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: VMN Toolbar: {a057a204-bacc-4d26-8287-79a187e26987} - c:\progra~1\vmntoo~1\VMNTOO~1.DLL

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [PC Cleaners] "c:\program files\pc cleaners\PCCleaners.exe" /minimize

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

dPolicies-system: DisableRegistryTools = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files\minibar\MinibarButton.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

LSP: mswsock.dll

Trusted Zone: amscan.com\remote

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxps://remote.amscan.com/CitrixSessionInit/ICAWEB/icaweb.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4F29C21A-1E66-4C8F-AC24-B5B0B2842BEC} : DhcpNameServer = 192.168.1.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: app_dll.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mimi\appdata\roaming\mozilla\firefox\profiles\prwr21mj.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BLT&o=15554&locale=en_US&apn_uid=C07EB8DA-87CD-470A-B827-19CAA97CE44B&apn_ptnrs=HH&apn_sauid=E579F608-3B9C-4ACE-B645-FAA8E0A0AEBA&apn_dtid=&&q=

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\nos\bin\np_gp.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-8 386840]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-3-8 64304]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-3-8 164840]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R1 MpKsld1c23a23;MpKsld1c23a23;c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\MpKsld1c23a23.sys [2011-10-2 28752]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-2 366152]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-3-8 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-3-8 141792]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-3-8 55840]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-2 22216]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-8 152960]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-3-8 313288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-3-8 171168]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-8 52104]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-8 84264]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-18 1251720]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-03 22:22:32 -------- d-----w- C:\TDSSKiller_Quarantine

2011-10-03 01:45:52 -------- d-----w- c:\users\mimi\appdata\roaming\PC Cleaners

2011-10-03 01:45:49 5356304 ----a-w- c:\windows\uninst.exe

2011-10-03 01:45:48 -------- d-----w- c:\programdata\PC1Data

2011-10-03 01:45:48 -------- d-----w- c:\program files\PC Cleaners

2011-10-03 01:37:18 -------- d-----w- c:\programdata\ErrorEND

2011-10-03 01:37:11 -------- d-----w- c:\program files\ErrorEND

2011-10-03 01:34:06 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9ac815a5-497d-4782-ac90-48b9aed8916a}\gapaengine.dll

2011-10-03 01:33:43 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\MpKsld1c23a23.sys

2011-10-03 01:33:37 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\offreg.dll

2011-10-03 01:33:34 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\mpengine.dll

2011-10-03 01:30:10 -------- d-----w- c:\program files\Microsoft Security Client

2011-10-03 01:15:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-03 01:15:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-02 23:27:48 -------- d-----w- c:\program files\WiseFixer

2011-10-02 20:01:44 -------- d-----w- c:\programdata\PC Tools

2011-10-02 19:30:39 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-02 19:27:59 -------- d-----w- c:\users\mimi\appdata\roaming\StxA0ucS2b

2011-10-02 18:52:37 -------- d-----w- c:\users\mimi\appdata\roaming\SvD2obF4pG

2011-10-02 18:25:19 -------- d-----w- c:\users\mimi\appdata\roaming\ZG5sQJ6dE

2011-10-02 12:42:35 -------- d-----w- c:\program files\Minibar

2011-10-02 12:42:31 -------- d-----w- c:\programdata\Babylon

2011-10-02 12:42:31 -------- d-----w- c:\program files\FaceSmooch Smileys

2011-10-02 12:42:23 -------- d-----w- c:\program files\Surf Canyon

2011-10-02 12:42:21 -------- d-----w- c:\program files\PriceGong

2011-10-01 16:01:15 -------- d-----w- c:\users\mimi\.thumbnails

2011-10-01 15:55:31 -------- d-----w- c:\users\mimi\.gimp-2.6

2011-10-01 15:42:01 -------- d-----w- c:\program files\GIMP-2.0

2011-09-16 10:40:47 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

.

==================== Find3M ====================

.

2011-09-24 13:33:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-23 11:04:29 916480 ----a-w- c:\windows\system32\wininet.dll

2011-07-23 11:00:05 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-07-23 10:59:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-07-23 10:59:34 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-07-23 10:59:34 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-07-23 10:03:47 385024 ----a-w- c:\windows\system32\html.iec

2011-07-23 09:27:04 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-07-23 09:25:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

============= FINISH: 20:16:10.60 ===============


Hello and welcome to the forums

http://www.eset.eu/online-scanner

Go here to run an online scanner from ESET.

Click the green ESET Online Scanner button.

Read the End User License Agreement and check the box: YES, I accept the Terms of Use.

Click on the Start button next to it.

You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Install ActiveX component.

A new window will appear asking "Do you want to install this software?".

Answer Yes to download and install the ActiveX controls that allow the scan to run.

Click Start.

Check Remove found threats and Scan potentially unwanted applications.

Click Scan to begin.

If offered the option to get information or buy software, just close the window.

Wait for the scan to finish.

Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic.


The infection you have is a very nasty one.

Removing it can cause the internet to stop working.

Please do not delete anything unless instructed to.

1. Launch Notepad (Start>All Programs>Accessories), and copy/paste all the Quoted REGEDIT below to it. Don't forget to include REGEDIT4.

Save in: Desktop

File Name: fixme.reg

Save as Type: All files

Click: Save

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

2. Save this text as fixme.reg. Make sure the "Save as type:" is "All Files (*.*)" and save it to your desktop.

3. Double-click on fixme.reg. When it asks you to merge the information to the registry click Yes.

4. Empty Recycle Bin.

Reboot and "copy/paste" a new DDS log file into this thread.

Also please describe how your computer behaves at the moment.

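The before/after comparison that the request for a new DDS log sets up, as an added example that is not part of the original thread: a Python script that diffs two DDS logs section by section, so a changed entry such as `AppInit_DLLs` stands out from the hundreds of unchanged lines. Both sample logs are constructed from lines of the kind shown in this thread (the "after" log is hypothetical, not the poster's real second log), and the names `parse_dds` and `diff_dds` are this example's own.

```python
import re
from collections import Counter

# A DDS section banner looks like: "============== Running Processes ==============="
SECTION_RE = re.compile(r"^=+\s*(.*?)\s*=+$")


def parse_dds(text):
    """Split a DDS log into {section title: Counter of entry lines}.

    Lines before the first banner (AV:/SP:/FW: status and so on) are
    collected under the pseudo-section "Header". Blank lines and the
    lone "." separator lines DDS prints are skipped. A Counter is used
    because the same line can legitimately appear more than once, for
    example two taskeng.exe processes.
    """
    sections = {"Header": Counter()}
    current = "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        banner = SECTION_RE.match(line)
        if banner:
            title = banner.group(1)
            if title:  # a bare "=====" ruler carries no title: ignore it
                current = title
                sections.setdefault(current, Counter())
            continue
        sections[current][line] += 1
    return sections


def diff_dds(before_text, after_text, ignore=()):
    """Return {section: {"removed": [...], "added": [...]}} for changed sections.

    "removed" lists entries present in the first log but not the second,
    "added" the reverse. Comparison is exact (case-sensitive) and
    multiset-based, so losing one of two identical lines is reported.
    """
    before, after = parse_dds(before_text), parse_dds(after_text)
    names = list(before) + [name for name in after if name not in before]
    report = {}
    for name in names:
        if name in ignore:
            continue
        old = before.get(name, Counter())
        new = after.get(name, Counter())
        removed = sorted((old - new).elements())
        added = sorted((new - old).elements())
        if removed or added:
            report[name] = {"removed": removed, "added": added}
    return report


# Constructed sample: a few lines in the format of the first DDS log above.
BEFORE_LOG = r"""
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
dPolicies-system: DisableRegistryTools = 1 (0x1)
AppInit_DLLs: app_dll.dll
"""

# Constructed, hypothetical "after" log. Assumption: a cleared AppInit_DLLs
# value shows up as a missing or changed line; the diff reports either.
AFTER_LOG = r"""
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
.
============== Pseudo HJT Report ===============
.
dPolicies-system: DisableRegistryTools = 1 (0x1)
"""

if __name__ == "__main__":
    for section, change in diff_dds(BEFORE_LOG, AFTER_LOG).items():
        print(f"[{section}]")
        for line in change["removed"]:
            print(f"  - {line}")
        for line in change["added"]:
            print(f"  + {line}")
```
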

Hello,

I still have the same problems - access denied and can not run MBAM

Here is the DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.19120 BrowserJavaVersion: 1.6.0_18

Run by mimi at 6:45:21 on 2011-10-07

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1942 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k Akamai

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop

uInternet Settings,ProxyOverride = *.local

mSearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

mURLSearchHooks: FroggyBoss Class: {539f76fd-084e-4858-86d5-62f02f54ae86} - c:\program files\minibar\Froggy.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.5.0\PriceGongIE.dll

BHO: adfabonppr Object: {26d02f99-ae5b-4533-ad67-e23b4b20d60d} - c:\windows\$blstun$\qgnnv.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: Fast Search: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - c:\program files\surf canyon\surfcanyon.dll

BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: brumabonpgrm Object: {795f4311-02c9-4b7b-a9bb-78d4fe68a98d} - c:\windows\$blstun$\lmatn.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101103034751.dll

BHO: MrFroggy Class: {856e12b5-22d7-4e22-9aca-ea9a008dd65b} - c:\program files\minibar\Froggy.dll

BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - c:\program files\minibar\Kango.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: VMN Toolbar: {a057a204-bacc-4d26-8287-79a187e26987} - c:\progra~1\vmntoo~1\VMNTOO~1.DLL

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [PC Cleaners] "c:\program files\pc cleaners\PCCleaners.exe" /minimize

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

dPolicies-system: DisableRegistryTools = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files\minibar\MinibarButton.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

LSP: mswsock.dll

Trusted Zone: amscan.com\remote

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxps://remote.amscan.com/CitrixSessionInit/ICAWEB/icaweb.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4F29C21A-1E66-4C8F-AC24-B5B0B2842BEC} : DhcpNameServer = 192.168.1.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mimi\appdata\roaming\mozilla\firefox\profiles\prwr21mj.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BLT&o=15554&locale=en_US&apn_uid=C07EB8DA-87CD-470A-B827-19CAA97CE44B&apn_ptnrs=HH&apn_sauid=E579F608-3B9C-4ACE-B645-FAA8E0A0AEBA&apn_dtid=&&q=

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\nos\bin\np_gp.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-3-8 386840]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-3-8 64304]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-3-8 164840]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-3-8 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-3-8 141792]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-3-8 55840]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-4 22216]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-8 152960]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-3-8 313288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-4 366152]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-3-10 271480]

S2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-3-8 171168]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-3-8 52104]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-3-8 84264]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-18 1251720]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-06 11:17:31 -------- d-s---w- C:\ComboFix

2011-10-05 22:49:18 -------- d-----w- c:\program files\ESET

2011-10-05 01:42:02 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-05 01:42:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-04 00:54:04 98816 ----a-w- c:\windows\sed.exe

2011-10-04 00:54:04 518144 ----a-w- c:\windows\SWREG.exe

2011-10-04 00:54:04 256000 ----a-w- c:\windows\PEV.exe

2011-10-04 00:54:04 208896 ----a-w- c:\windows\MBR.exe

2011-10-03 22:22:32 -------- d-----w- C:\TDSSKiller_Quarantine

2011-10-03 01:45:52 -------- d-----w- c:\users\mimi\appdata\roaming\PC Cleaners

2011-10-03 01:45:49 5356304 ----a-w- c:\windows\uninst.exe

2011-10-03 01:45:48 -------- d-----w- c:\programdata\PC1Data

2011-10-03 01:45:48 -------- d-----w- c:\program files\PC Cleaners

2011-10-03 01:37:18 -------- d-----w- c:\programdata\ErrorEND

2011-10-03 01:34:06 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9ac815a5-497d-4782-ac90-48b9aed8916a}\gapaengine.dll

2011-10-03 01:33:37 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\offreg.dll

2011-10-03 01:33:34 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{43d73478-09a1-4727-8684-2410a0babf5c}\mpengine.dll

2011-10-03 01:30:10 -------- d-----w- c:\program files\Microsoft Security Client

2011-10-02 23:27:48 -------- d-----w- c:\program files\WiseFixer

2011-10-02 20:01:44 -------- d-----w- c:\programdata\PC Tools

2011-10-02 19:30:39 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-02 19:27:59 -------- d-----w- c:\users\mimi\appdata\roaming\StxA0ucS2b

2011-10-02 18:52:37 -------- d-----w- c:\users\mimi\appdata\roaming\SvD2obF4pG

2011-10-02 18:25:19 -------- d-----w- c:\users\mimi\appdata\roaming\ZG5sQJ6dE

2011-10-02 12:42:35 -------- d-----w- c:\program files\Minibar

2011-10-02 12:42:31 -------- d-----w- c:\programdata\Babylon

2011-10-02 12:42:31 -------- d-----w- c:\program files\FaceSmooch Smileys

2011-10-02 12:42:23 -------- d-----w- c:\program files\Surf Canyon

2011-10-02 12:42:21 -------- d-----w- c:\program files\PriceGong

2011-10-01 16:01:15 -------- d-----w- c:\users\mimi\.thumbnails

2011-10-01 15:55:31 -------- d-----w- c:\users\mimi\.gimp-2.6

2011-10-01 15:42:01 -------- d-----w- c:\program files\GIMP-2.0

2011-09-16 10:40:47 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

.

==================== Find3M ====================

.

2011-09-24 13:33:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-23 11:04:29 916480 ----a-w- c:\windows\system32\wininet.dll

2011-07-23 11:00:05 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-07-23 10:59:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-07-23 10:59:34 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-07-23 10:59:34 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-07-23 10:03:47 385024 ----a-w- c:\windows\system32\html.iec

2011-07-23 09:27:04 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-07-23 09:25:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

.

============= FINISH: 6:48:28.53 ===============


Please download Dr.Web CureIt. Save it to your desktop:

  • Double-click the drweb-cureit.exe file and click Scan to run an express scan. Click OK in the pop-up window to allow the scan.
  • This will scan the files currently running in memory and if something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, select Complete scan.
  • Click the green arrow at the right, and the scan will start.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list.
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Note: this report may need to be renamed to Dr.Web.txt in order to post it on the forum.
  • Please post the Dr.Web.txt report in your next reply.
  • Close Dr.Web CureIt.
    Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

NOTE. During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on the X in the upper right corner.


Hello,

I was able to run only the fast scan. I used the EPM mode (recommended). The application closed before I could click on the full scan. I tried running it a few times with the same result. Each time I closed the window suggesting to download the full trial version. Should I download this?

The last message I see is about a log file.

Here is the log file:

=============================================================================

Dr.Web Scanner for Windows v6.00.11 (6.00.11.07112)

© Doctor Web, Ltd., 1992-2011

Log generated on: 2011-10-07, 19:14:08 [MIMI-PC][mimi]

Command line: "C:\Users\mimi\AppData\Local\Temp\D1CDFA84-E3745BBE-65E8B5BC-F42267D6\34c8d_xp.exe" /lng /ini:setup_xp.ini /fast

Operating system: Windows Vista Premium x86 (Build 6002), Service Pack 2

=============================================================================

DwShield started

Engine version: 5.00 (5.00.2.03300)

Engine API version: 2.02

Total virus records: 2662833

[self-checking] C:\Users\mimi\AppData\Local\Temp\D1CDFA84-E3745BBE-65E8B5BC-F42267D6\34c8d_xp.exe

Key file: C:\Users\mimi\AppData\Local\Temp\D1CDFA84-E3745BBE-65E8B5BC-F42267D6\setup.key

License key number: 0013622856

Registered to: An unauthorized User

License key activates on: 2011-03-10

License key expires on: 2012-03-11

=============================================================================

Delete all the files in this temp folder

C:\Users\mimi\AppData\Local\Temp <----Delete all the files

Reboot and please run a new MBAM scan, being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

I deleted all files from folder C:\Users\mimi\AppData\Local\Temp and then restarted.

I still cannot run MBAM scan - the error I receive immediately after trying to start the application is in a window with the text "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

I would like to add that my browser gets redirected to random sites, and while running Windows in Safe Mode with Network I see in the Task Manager a process with Image Name "3203397148:3809022017.exe", description "3809022017", user SYSTEM. When I try to see the properties I receive a message "Windows cannot find c:\Windows\3203397148:3809022017.exe Make sure you typed the name correctly and then try again."

Please do not attach the scan results from ComboFix. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

Also please describe how your computer behaves at the moment.

In Safe Mode the result is the same.

I need to mention that after the restart, the system displayed a message if I wanted to empty the recycle bin - is this expected?

Also, after I started ComboFix in safe mode it still showed the warnings that McAfee scanner is active - is this causing the problem?

The first messages I saw briefly were

"ComboFix is preparing to run.

Access Denied. Administrator Permissions are needed to ....." and the application continued with the backup and now is showing the message "Scanning for Infected files....

This typically doesn't take more than 10 minutes

However scan times for badly infected machines may easily double"

Here is an update

I was able to re-install MBAM in safe mode and ran a quick scan without updating the database because I didn't have an Internet connection in safe mode.

Here is the log:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7622

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.19120

10/9/2011 11:13:37 AM

mbam-log-2011-10-09 (11-13-37).txt

Scan type: Quick scan

Objects scanned: 231584

Time elapsed: 12 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 14

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 2

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Z-opti (Adware.EZula) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Context\Context-Ads (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26D02F99-AE5B-4533-AD67-E23B4B20D60D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{26D02F99-AE5B-4533-AD67-E23B4B20D60D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adfabonppr.adfabonppr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adfabonppr.adfabonppr (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{26D02F99-AE5B-4533-AD67-E23B4B20D60D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{26D02F99-AE5B-4533-AD67-E23B4B20D60D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{795F4311-02C9-4B7B-A9BB-78D4FE68A98D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{795F4311-02C9-4B7B-A9BB-78D4FE68A98D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\brumabonpgrm.brumabonpgrm.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\brumabonpgrm.brumabonpgrm (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{795F4311-02C9-4B7B-A9BB-78D4FE68A98D} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{795F4311-02C9-4B7B-A9BB-78D4FE68A98D} (Adware.Adrotator) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Value: 7bde84a2-f58f-46ec-9eac-f1f90fead080 -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\programdata\microsoft\Windows\start menu\Programs\dr. guard (Rogue.DrGuard) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

Files Infected:

c:\programdata\fiosejgfse.dll (Rogue.Trace) -> Quarantined and deleted successfully.

c:\Users\mimi\favorites\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.

c:\Windows\Temp\0.22523256599617691.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

c:\Windows\Temp\0.9092947492398703.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\smartshopper\smartshopper help.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.

Next I restarted and updated MBAM; tried running another scan and received the same error "Access Denied..."

I opened the folder c:\ProgramFiles\Malwarebytes'Anti-Malware\ and noticed that mbam.exe has permission for Everyone and does not have permission for Administrators, so I added permissions for Administrators and changed Everyone removing Modify and Full control. After that I double clicked mbam.exe and was able to run full scan.

Here is the new log of the full scan:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7908

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.19120

10/9/2011 3:40:21 PM

mbam-log-2011-10-09 (15-40-21).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 559129

Time elapsed: 1 hour(s), 22 minute(s), 47 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 4

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Windows\Temp\9b88.exe (Trojan.Exploit.Drop) -> Quarantined and deleted successfully.

c:\Users\mimi\AppData\Roaming\ldr.ini (Malware.Trace) -> Quarantined and deleted successfully.

c:\Users\mimia\AppData\Roaming\ldr.ini (Malware.Trace) -> Quarantined and deleted successfully.

c:\Windows\System32\config\systemprofile\AppData\Roaming\ldr.ini (Malware.Trace) -> Quarantined and deleted successfully.

I still receive pop-up messages that malwarebytes has blocked outgoing connections from IE. What should I do next?

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post the contents of the TDSSKiller log.

Also please describe how your computer behaves at the moment.
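In a long TDSSKiller report, the lines that matter are the ones the tool did not mark `ok`. The following is an added example (not part of the original posts and not a Kaspersky tool) that filters a saved log for those entries and notes paths that name an NTFS alternate data stream. The sample lines are copied from the logs posted in this thread; the function names are illustrative.

```python
import re

# Sample lines copied from the TDSSKiller logs posted in this thread.
SAMPLE_LOG = r"""
19:05:24.0248 1920 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\Windows\3203397148:3809022017.exe
19:05:24.0248 1920 Suspicious file (Hidden): C:\Windows\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b
19:05:24.0248 1920 1cf6efbe ( HiddenFile.Multi.Generic ) - warning
19:05:24.0248 1920 1cf6efbe - detected HiddenFile.Multi.Generic (1)
19:05:24.0638 1920 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:05:24.0638 1920 ACPI - ok
19:05:26.0073 1920 catchme - ok
19:05:26.0791 1920 DfsC (2cb5e3b0b607ac7fb7dfd96733986e3f) C:\Windows\system32\Drivers\dfsc.sys
19:05:26.0791 1920 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: 2cb5e3b0b607ac7fb7dfd96733986e3f, Fake md5: 622c41a07ca7e6dd91770f50d532cb6c
19:05:26.0791 1920 DfsC ( ForgedFile.Multi.Generic ) - warning
19:05:26.0791 1920 DfsC - detected ForgedFile.Multi.Generic (1)
"""

# Every log line is "<time> <thread id> <message>".
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
ENTRY = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$")   # name (md5) path
OK = re.compile(r"^(.+?) - ok$")
DETECTED = re.compile(r"^(.+?) - detected (\S+) \(\d+\)$")
HIDDEN = re.compile(r"^Suspicious file \(Hidden\): (.+)\. md5: ([0-9a-f]{32})$")
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (.+)\. "
    r"Real md5: ([0-9a-f]{32}), Fake md5: ([0-9a-f]{32})$"
)


def has_stream_name(path):
    """True when a colon follows the drive prefix, i.e. the path is file:stream."""
    return ":" in re.sub(r"^[A-Za-z]:\\", "", path)


def parse_log(text):
    """Return {service name: record} for every service or driver in the log."""
    records = {}

    def record(name):
        return records.setdefault(
            name, {"service": name, "md5": None, "path": None, "verdict": None}
        )

    last = None  # most recent "name (md5) path" entry
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # separators, blank lines, lines with no message
        msg = line.group(1).strip()
        hidden, forged = HIDDEN.match(msg), FORGED.match(msg)
        entry, ok, det = ENTRY.match(msg), OK.match(msg), DETECTED.match(msg)
        if hidden or forged:
            hit = hidden or forged
            # Attach the detail to the entry it follows, matched by path.
            if last and last["path"] == hit.group(1):
                last["suspicious"] = "Hidden" if hidden else "Forged"
                if forged:
                    # The tool reports two different hashes for one path.
                    last["real_md5"] = forged.group(2)
                    last["fake_md5"] = forged.group(3)
        elif entry:
            last = record(entry.group(1))
            last["md5"], last["path"] = entry.group(2), entry.group(3)
        elif det:
            record(det.group(1))["verdict"] = det.group(2)
        elif ok:
            record(ok.group(1))["verdict"] = "ok"
    return records


def findings(text):
    """Entries not marked ok, each with an 'ads' flag for stream-name paths."""
    out = []
    for rec in parse_log(text).values():
        if rec["verdict"] not in (None, "ok"):
            out.append(dict(rec, ads=has_stream_name(rec["path"] or "")))
    return out


if __name__ == "__main__":
    for f in findings(SAMPLE_LOG):
        print(f["service"], f["verdict"], f["path"], "ADS" if f["ads"] else "")
```

A path flagged as a stream name is not a normal file name, which is consistent with Explorer reporting that it cannot find the file.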

OK here is more info - after I switched to normal mode I was stuck with the "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." messages, so I checked the file mbam.exe which I had changed and it was back to Everyone has Full control and Administrators is not there, so I changed the security again and as soon as I tried running MBAM it reset back the Everyone and removed Administrators - there is something that is resetting this... It looks like this is not active in Safe Mode because it is not changing the file settings and I am able to run MBAM in Safe Mode

I noticed that MsMpEng.exe (Microsoft Security Client) has the same security settings Everyone with Full control and Administrators, Users and SYSTEM are not there...

BTW it also seems that I can not switch to Safe Mode by pressing F8 during restart.
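The permission change described in the post above can be checked from saved `icacls` output. This added example (not from the thread; the path, the two sample outputs and the function names are constructed for illustration) flags an executable whose ACL grants Everyone full control while Administrators has no entry. It assumes English principal names and that `icacls` was run on a single file.

```python
import re

# Constructed path and constructed icacls outputs, for illustration only.
PATH = r"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"

TAMPERED = r"""C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Everyone:(F)

Successfully processed 1 files; Failed processing 0 files
"""

NORMAL = r"""C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe NT AUTHORITY\SYSTEM:(I)(F)
                                                     BUILTIN\Administrators:(I)(F)
                                                     BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""

# One ACE as icacls prints it: "<principal>:(flag)(flag)..."
ACE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([^)]*\))+)$")

# Principals expected on a program file (assumption: English names).
EXPECTED = {"builtin\\administrators", "nt authority\\system"}


def parse_icacls(path, output):
    """Return [(principal, [flag tokens])] from `icacls <path>` output."""
    aces = []
    for line in output.splitlines():
        text = line.strip()
        if text.startswith(path):
            # First line is "<path> <first ACE>"; later ACEs are indented.
            text = text[len(path):].strip()
        m = ACE.match(text)
        if m:  # the summary line and blank lines do not match
            flags = re.findall(r"\(([^)]*)\)", m.group("flags"))
            aces.append((m.group("who"), flags))
    return aces


def grants_full(flags):
    """True for an allow ACE with full control, e.g. (F) or (I)(F)."""
    return "F" in flags and "DENY" not in flags


def audit(path, output):
    """Summarise the ACL and say whether it matches the pattern in this thread."""
    aces = parse_icacls(path, output)
    present = {who.lower() for who, _ in aces}
    everyone_full = any(
        who.lower() == "everyone" and grants_full(flags) for who, flags in aces
    )
    missing = sorted(EXPECTED - present)
    return {
        "everyone_full": everyone_full,
        "missing": missing,
        "matches_pattern": everyone_full and "builtin\\administrators" in missing,
    }


if __name__ == "__main__":
    for label, out in (("tampered", TAMPERED), ("normal", NORMAL)):
        print(label, audit(PATH, out))
```

Re-running the check after launching the program shows whether something is rewriting the ACL, as the post reports.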

This infection causes that.

Running the tools in Safe Mode won't remove it because it doesn't load in Safe Mode.

Let's try this:

Please download Dr.Web CureIt. Save it to your desktop:

  • Double-click the drweb-cureit.exe file and click Scan to run express scan. Click OK in the pop-up window to allow the scan.
  • This will scan the files currently running in memory and if something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, select Complete scan.
  • Click the green arrow at the right, and the scan will start.
  • Click Yes to all if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Note: this report may need to be renamed to Dr.Web.txt in order to post it on the forum.
  • Please post the Dr.Web.txt report in your next reply
  • Close Dr.Web Cureit.
    Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

NOTE. During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on the X in the upper right corner.

Here is the report from TDSS rootkit. Did not ask me to reboot.

I will try Dr.Web CureIt next

19:05:18.0757 1376 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24

19:05:18.0991 1376 ============================================================

19:05:18.0991 1376 Current date / time: 2011/10/09 19:05:18.0991

19:05:18.0991 1376 SystemInfo:

19:05:18.0991 1376

19:05:18.0991 1376 OS Version: 6.0.6002 ServicePack: 2.0

19:05:18.0991 1376 Product type: Workstation

19:05:18.0991 1376 ComputerName: MIMI-PC

19:05:18.0991 1376 UserName: mimi

19:05:18.0991 1376 Windows directory: C:\Windows

19:05:18.0991 1376 System windows directory: C:\Windows

19:05:18.0991 1376 Processor architecture: Intel x86

19:05:18.0991 1376 Number of processors: 2

19:05:18.0991 1376 Page size: 0x1000

19:05:18.0991 1376 Boot type: Safe boot with network

19:05:18.0991 1376 ============================================================

19:05:19.0240 1376 Initialize success

19:05:23.0483 1920 ============================================================

19:05:23.0483 1920 Scan started

19:05:23.0483 1920 Mode: Manual;

19:05:23.0483 1920 ============================================================

19:05:24.0248 1920 1cf6efbe (198b4150a32376abd5abca2ff5cc834b) C:\Windows\3203397148:3809022017.exe

19:05:24.0248 1920 Suspicious file (Hidden): C:\Windows\3203397148:3809022017.exe. md5: 198b4150a32376abd5abca2ff5cc834b

19:05:24.0248 1920 1cf6efbe ( HiddenFile.Multi.Generic ) - warning

19:05:24.0248 1920 1cf6efbe - detected HiddenFile.Multi.Generic (1)

19:05:26.0791 1920 DfsC (2cb5e3b0b607ac7fb7dfd96733986e3f) C:\Windows\system32\Drivers\dfsc.sys

19:05:26.0791 1920 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: 2cb5e3b0b607ac7fb7dfd96733986e3f, Fake md5: 622c41a07ca7e6dd91770f50d532cb6c

19:05:26.0791 1920 DfsC ( ForgedFile.Multi.Generic ) - warning

19:05:26.0791 1920 DfsC - detected ForgedFile.Multi.Generic (1)


19:05:32.0001 1920 msdsm - ok

19:05:32.0063 1920 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

19:05:32.0079 1920 Msfs - ok

19:05:32.0126 1920 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

19:05:32.0126 1920 msisadrv - ok

19:05:32.0173 1920 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

19:05:32.0173 1920 MSKSSRV - ok

19:05:32.0219 1920 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

19:05:32.0219 1920 MSPCLOCK - ok

19:05:32.0266 1920 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

19:05:32.0266 1920 MSPQM - ok

19:05:32.0329 1920 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

19:05:32.0329 1920 MsRPC - ok

19:05:32.0391 1920 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

19:05:32.0391 1920 mssmbios - ok

19:05:32.0438 1920 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

19:05:32.0438 1920 MSTEE - ok

19:05:32.0469 1920 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

19:05:32.0469 1920 Mup - ok

19:05:32.0547 1920 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

19:05:32.0547 1920 NativeWifiP - ok

19:05:32.0609 1920 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

19:05:32.0625 1920 NDIS - ok

19:05:32.0687 1920 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

19:05:32.0687 1920 NdisTapi - ok

19:05:32.0703 1920 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

19:05:32.0703 1920 Ndisuio - ok

19:05:32.0781 1920 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

19:05:32.0781 1920 NdisWan - ok

19:05:32.0828 1920 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

19:05:32.0828 1920 NDProxy - ok

19:05:32.0859 1920 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

19:05:32.0859 1920 NetBIOS - ok

19:05:32.0937 1920 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

19:05:32.0937 1920 netbt - ok

19:05:33.0077 1920 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys

19:05:33.0077 1920 NETw4v32 - ok

19:05:33.0124 1920 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

19:05:33.0124 1920 nfrd960 - ok

19:05:33.0202 1920 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

19:05:33.0202 1920 NisDrv - ok

19:05:33.0296 1920 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

19:05:33.0296 1920 Npfs - ok

19:05:33.0343 1920 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

19:05:33.0343 1920 nsiproxy - ok

19:05:33.0452 1920 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

19:05:33.0452 1920 Ntfs - ok

19:05:33.0499 1920 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

19:05:33.0499 1920 ntrigdigi - ok

19:05:33.0530 1920 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

19:05:33.0530 1920 Null - ok

19:05:33.0577 1920 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys

19:05:33.0577 1920 NVENETFD - ok

19:05:33.0623 1920 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

19:05:33.0623 1920 nvraid - ok

19:05:33.0670 1920 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

19:05:33.0670 1920 nvstor - ok

19:05:33.0748 1920 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

19:05:33.0748 1920 nv_agp - ok

19:05:33.0764 1920 NwlnkFlt - ok

19:05:33.0811 1920 NwlnkFwd - ok

19:05:33.0873 1920 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

19:05:33.0873 1920 ohci1394 - ok

19:05:33.0920 1920 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

19:05:33.0920 1920 Parport - ok

19:05:34.0013 1920 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

19:05:34.0013 1920 partmgr - ok

19:05:34.0029 1920 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

19:05:34.0029 1920 Parvdm - ok

19:05:34.0123 1920 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

19:05:34.0123 1920 pci - ok

19:05:34.0154 1920 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

19:05:34.0154 1920 pciide - ok

19:05:34.0201 1920 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

19:05:34.0201 1920 pcmcia - ok

19:05:34.0279 1920 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

19:05:34.0294 1920 PEAUTH - ok

19:05:34.0372 1920 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

19:05:34.0372 1920 PptpMiniport - ok

19:05:34.0403 1920 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

19:05:34.0403 1920 Processor - ok

19:05:34.0497 1920 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

19:05:34.0497 1920 PSched - ok

19:05:34.0559 1920 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

19:05:34.0559 1920 ql2300 - ok

19:05:34.0637 1920 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

19:05:34.0637 1920 ql40xx - ok

19:05:34.0684 1920 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

19:05:34.0700 1920 QWAVEdrv - ok

19:05:34.0731 1920 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

19:05:34.0731 1920 RasAcd - ok

19:05:34.0762 1920 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:05:34.0762 1920 Rasl2tp - ok

19:05:34.0825 1920 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

19:05:34.0825 1920 RasPppoe - ok

19:05:34.0918 1920 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

19:05:34.0918 1920 RasSstp - ok

19:05:34.0996 1920 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

19:05:34.0996 1920 rdbss - ok

19:05:35.0043 1920 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:05:35.0043 1920 RDPCDD - ok

19:05:35.0090 1920 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

19:05:35.0090 1920 rdpdr - ok

19:05:35.0137 1920 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

19:05:35.0137 1920 RDPENCDD - ok

19:05:35.0215 1920 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

19:05:35.0215 1920 RDPWD - ok

19:05:35.0293 1920 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

19:05:35.0293 1920 rimmptsk - ok

19:05:35.0324 1920 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

19:05:35.0324 1920 rimsptsk - ok

19:05:35.0355 1920 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

19:05:35.0355 1920 rismxdp - ok

19:05:35.0433 1920 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

19:05:35.0433 1920 rspndr - ok

19:05:35.0480 1920 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys

19:05:35.0480 1920 RTL8169 - ok

19:05:35.0527 1920 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

19:05:35.0527 1920 sbp2port - ok

19:05:35.0620 1920 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

19:05:35.0620 1920 sdbus - ok

19:05:35.0698 1920 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:05:35.0698 1920 secdrv - ok

19:05:35.0745 1920 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

19:05:35.0745 1920 Serenum - ok

19:05:35.0792 1920 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

19:05:35.0792 1920 Serial - ok

19:05:35.0823 1920 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

19:05:35.0823 1920 sermouse - ok

19:05:35.0885 1920 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

19:05:35.0885 1920 sffdisk - ok

19:05:35.0917 1920 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

19:05:35.0917 1920 sffp_mmc - ok

19:05:35.0979 1920 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

19:05:35.0979 1920 sffp_sd - ok

19:05:36.0010 1920 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

19:05:36.0010 1920 sfloppy - ok

19:05:36.0057 1920 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

19:05:36.0057 1920 sisagp - ok

19:05:36.0104 1920 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

19:05:36.0104 1920 SiSRaid2 - ok

19:05:36.0151 1920 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

19:05:36.0151 1920 SiSRaid4 - ok

19:05:36.0229 1920 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

19:05:36.0229 1920 Smb - ok

19:05:36.0322 1920 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys

19:05:36.0338 1920 smserial - ok

19:05:36.0385 1920 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

19:05:36.0385 1920 spldr - ok

19:05:36.0463 1920 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

19:05:36.0463 1920 srv - ok

19:05:36.0525 1920 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

19:05:36.0525 1920 srv2 - ok

19:05:36.0572 1920 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

19:05:36.0587 1920 srvnet - ok

19:05:36.0650 1920 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

19:05:36.0665 1920 swenum - ok

19:05:36.0728 1920 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

19:05:36.0728 1920 Symc8xx - ok

19:05:36.0759 1920 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

19:05:36.0759 1920 Sym_hi - ok

19:05:36.0806 1920 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

19:05:36.0806 1920 Sym_u3 - ok

19:05:36.0868 1920 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys

19:05:36.0868 1920 SynTP - ok

19:05:36.0977 1920 Tcpip (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\drivers\tcpip.sys

19:05:36.0977 1920 Tcpip - ok

19:05:37.0055 1920 Tcpip6 (6647fce6fc4970daafe5c64c794513d3) C:\Windows\system32\DRIVERS\tcpip.sys

19:05:37.0055 1920 Tcpip6 - ok

19:05:37.0087 1920 tcpipreg (36606b165d04a397bdf613096986d85d) C:\Windows\system32\drivers\tcpipreg.sys

19:05:37.0087 1920 tcpipreg - ok

19:05:37.0118 1920 tdisnap - ok

19:05:37.0165 1920 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

19:05:37.0165 1920 TDPIPE - ok

19:05:37.0227 1920 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

19:05:37.0227 1920 TDTCP - ok

19:05:37.0305 1920 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

19:05:37.0305 1920 tdx - ok

19:05:37.0367 1920 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

19:05:37.0367 1920 TermDD - ok

19:05:37.0430 1920 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:05:37.0430 1920 tssecsrv - ok

19:05:37.0461 1920 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

19:05:37.0461 1920 tunmp - ok

19:05:37.0508 1920 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

19:05:37.0508 1920 tunnel - ok

19:05:37.0555 1920 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

19:05:37.0570 1920 uagp35 - ok

19:05:37.0633 1920 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

19:05:37.0633 1920 udfs - ok

19:05:37.0679 1920 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

19:05:37.0679 1920 uliagpkx - ok

19:05:37.0742 1920 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

19:05:37.0757 1920 uliahci - ok

19:05:37.0804 1920 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

19:05:37.0804 1920 UlSata - ok

19:05:37.0851 1920 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

19:05:37.0851 1920 ulsata2 - ok

19:05:37.0882 1920 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

19:05:37.0882 1920 umbus - ok

19:05:37.0913 1920 USBAAPL (df38374e12e73c25b37b6f8a9b8622ef) C:\Windows\system32\Drivers\usbaapl.sys

19:05:37.0913 1920 USBAAPL - ok

19:05:37.0960 1920 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

19:05:37.0976 1920 usbccgp - ok

19:05:38.0038 1920 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

19:05:38.0038 1920 usbcir - ok

19:05:38.0101 1920 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

19:05:38.0101 1920 usbehci - ok

19:05:38.0132 1920 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

19:05:38.0147 1920 usbhub - ok

19:05:38.0179 1920 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys

19:05:38.0179 1920 usbohci - ok

19:05:38.0210 1920 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

19:05:38.0210 1920 usbprint - ok

19:05:38.0257 1920 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:05:38.0257 1920 USBSTOR - ok

19:05:38.0303 1920 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

19:05:38.0303 1920 usbuhci - ok

19:05:38.0366 1920 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

19:05:38.0366 1920 usbvideo - ok

19:05:38.0444 1920 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

19:05:38.0444 1920 vga - ok

19:05:38.0475 1920 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

19:05:38.0475 1920 VgaSave - ok

19:05:38.0506 1920 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

19:05:38.0506 1920 viaagp - ok

19:05:38.0553 1920 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

19:05:38.0553 1920 ViaC7 - ok

19:05:38.0615 1920 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

19:05:38.0615 1920 viaide - ok

19:05:38.0647 1920 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

19:05:38.0647 1920 volmgr - ok

19:05:38.0725 1920 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

19:05:38.0725 1920 volmgrx - ok

19:05:38.0771 1920 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

19:05:38.0771 1920 volsnap - ok

19:05:38.0818 1920 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

19:05:38.0818 1920 vsmraid - ok

19:05:38.0896 1920 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

19:05:38.0896 1920 WacomPen - ok

19:05:38.0959 1920 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

19:05:38.0959 1920 Wanarp - ok

19:05:38.0959 1920 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

19:05:38.0959 1920 Wanarpv6 - ok

19:05:39.0021 1920 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

19:05:39.0037 1920 Wd - ok

19:05:39.0083 1920 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

19:05:39.0083 1920 Wdf01000 - ok

19:05:39.0161 1920 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

19:05:39.0161 1920 winachsf - ok

19:05:39.0224 1920 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

19:05:39.0224 1920 WmiAcpi - ok

19:05:39.0333 1920 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

19:05:39.0333 1920 WpdUsb - ok

19:05:39.0380 1920 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

19:05:39.0380 1920 ws2ifsl - ok

19:05:39.0427 1920 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:05:39.0427 1920 WUDFRd - ok

19:05:39.0458 1920 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0

19:05:39.0489 1920 \Device\Harddisk0\DR0 - ok

19:05:39.0489 1920 Boot (0x1200) (1fac30270fc209710d1e782b8d80a8f2) \Device\Harddisk0\DR0\Partition0

19:05:39.0489 1920 \Device\Harddisk0\DR0\Partition0 - ok

19:05:39.0489 1920 Boot (0x1200) (486b6d319a106d46b6871fbb06ea3800) \Device\Harddisk0\DR0\Partition1

19:05:39.0489 1920 \Device\Harddisk0\DR0\Partition1 - ok

19:05:39.0489 1920 ============================================================

19:05:39.0489 1920 Scan finished

19:05:39.0489 1920 ============================================================

19:05:39.0505 0840 Detected object count: 2

19:05:39.0505 0840 Actual detected object count: 2

19:05:58.0583 0840 1cf6efbe ( HiddenFile.Multi.Generic ) - skipped by user

19:05:58.0583 0840 1cf6efbe ( HiddenFile.Multi.Generic ) - User select action: Skip

19:05:58.0583 0840 DfsC ( ForgedFile.Multi.Generic ) - skipped by user

19:05:58.0583 0840 DfsC ( ForgedFile.Multi.Generic ) - User select action: Skip


Same as before - I cannot run the full scan - the application closes automatically.

There is one log file after the fast scan. Should I run this in safe mode?

=============================================================================

Dr.Web Scanner for Windows v6.00.11 (6.00.11.07112)

© Doctor Web, Ltd., 1992-2011

Log generated on: 2011-10-09, 19:27:26 [MIMI-PC][mimi]

Command line: "C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\136d6_xp.exe" /lng /ini:setup_xp.ini /fast

Operating system: Windows Vista Premium x86 (Build 6002), Service Pack 2

=============================================================================

DwShield started

Engine version: 5.00 (5.00.2.03300)

Engine API version: 2.02


[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\1650916e - 2091 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\aaf9e9c2 - 1569 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\8f1dcdde - 1834 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\e613093e - 985 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\5aef7875 - 2796 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\75269342 - 2015 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\76b4c9f1 - 2208 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\ba79102e - 2483 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\920c7ed5 - 1603 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\4f1d6196 - 1919 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\5151f26a - 1819 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\83f8000a - 2229 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\4e9b55f9 - 1833 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\2c61c14a - 1614 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\ec968177 - 2297 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\5db0ea76 - 2110 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\b1629cf2 - 2007 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\526cc4a1 - 2370 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\966fe4e8 - 2241 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\bd732948 - 2596 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\0e1f7f43 - 2024 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\d7c5db3f - 1609 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\44bfadb0 - 1471 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\7ef2cda2 - 1445 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\e58fba23 - 1895 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\0a2ef1e5 - 2312 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\c3027dc0 - 3006 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\9014d398 - 2146 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\a6466608 - 1714 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\5e79ab21 - 2095 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\51d2e7b7 - 2715 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\2db7cb84 - 2545 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\6f8ec899 - 2801 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\8f3ee197 - 6197 virus records

[Virus database] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\1fc1cf83 - 28348 virus records

Total virus records: 2667242

[self-checking] C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\136d6_xp.exe

Key file: C:\Users\mimi\AppData\Local\Temp\11F1F26A-343C9E89-113F5BF5-B2F47535\setup.key

License key number: 0013622856

Registered to: An unauthorized User

License key activates on: 2011-03-10

License key expires on: 2012-03-11

This topic is now closed to further replies.