Katusha.A got me


swoopg

Well, I somehow got this little booger and it is a doozy. It has disabled my antivirus and will not let me install any new software. It redirects my web browser(s) (yes, I have tried more than one). It is the worst infection I have ever gotten. I did the TDSSKiller and the DDS and they are here: TDSSfile.rtf

DDS.txt

I have tried to install the Malwarebytes anti-malware program and I got it installed, but I can't even get it to scan my computer. My other AV (Webroot) will not even boot up. Please help me get rid of this. I am lost without my computer. Thanks guys, you are the best.

I see that I should just copy and paste my scan results, so here they are:

22:07:33.0987 0472 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23

22:07:34.0366 0472 ============================================================

22:07:34.0366 0472 Current date / time: 2011/10/17 22:07:34.0366

22:07:34.0366 0472 SystemInfo:

22:07:34.0366 0472

22:07:34.0366 0472 OS Version: 6.1.7600 ServicePack: 0.0

22:07:34.0366 0472 Product type: Workstation

22:07:34.0366 0472 ComputerName: LAPTOP

22:07:34.0366 0472 UserName: Leuticia

22:07:34.0366 0472 Windows directory: C:\windows

22:07:34.0366 0472 System windows directory: C:\windows

22:07:34.0366 0472 Processor architecture: Intel x86

22:07:34.0366 0472 Number of processors: 2

22:07:34.0367 0472 Page size: 0x1000

22:07:34.0367 0472 Boot type: Normal boot

22:07:34.0367 0472 ============================================================

22:07:35.0445 0472 Initialize success

22:07:44.0028 1300 ============================================================

22:07:44.0028 1300 Scan started

22:07:44.0028 1300 Mode: Manual;

22:07:44.0028 1300 ============================================================

22:07:46.0677 1300 a48cb058 (8f2bb1827cac01aee6a16e30a1260199) C:\windows\1487965348:1534283687.exe

22:07:46.0677 1300 Suspicious file (Hidden): C:\windows\1487965348:1534283687.exe. md5: 8f2bb1827cac01aee6a16e30a1260199

22:07:46.0678 1300 a48cb058 ( HiddenFile.Multi.Generic ) - warning

22:07:46.0678 1300 a48cb058 - detected HiddenFile.Multi.Generic (1)

22:07:49.0685 1300 DfsC (6627114143057cdbf0a709d08dbaf019) C:\windows\system32\Drivers\dfsc.sys

22:07:49.0686 1300 Suspicious file (Forged): C:\windows\system32\Drivers\dfsc.sys. Real md5: 6627114143057cdbf0a709d08dbaf019, Fake md5: 83d1ecea8faae75604c0fa49ac7ad996

22:07:49.0686 1300 DfsC ( Rootkit.Win32.ZAccess.e ) - infected

22:07:49.0686 1300 DfsC - detected Rootkit.Win32.ZAccess.e (0)


22:07:58.0626 1300 usbcir - ok

22:07:58.0654 1300 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\DRIVERS\usbehci.sys

22:07:58.0656 1300 usbehci - ok

22:07:58.0687 1300 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys

22:07:58.0691 1300 usbhub - ok

22:07:58.0712 1300 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\DRIVERS\usbohci.sys

22:07:58.0714 1300 usbohci - ok

22:07:58.0745 1300 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys

22:07:58.0746 1300 usbprint - ok

22:07:58.0767 1300 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS

22:07:58.0768 1300 USBSTOR - ok

22:07:58.0798 1300 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys

22:07:58.0798 1300 usbuhci - ok

22:07:58.0840 1300 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys

22:07:58.0842 1300 usbvideo - ok

22:07:58.0886 1300 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys

22:07:58.0886 1300 vdrvroot - ok

22:07:58.0916 1300 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys

22:07:58.0916 1300 vga - ok

22:07:58.0977 1300 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys

22:07:58.0978 1300 VgaSave - ok

22:07:59.0021 1300 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys

22:07:59.0024 1300 vhdmp - ok

22:07:59.0052 1300 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys

22:07:59.0053 1300 viaagp - ok

22:07:59.0085 1300 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys

22:07:59.0086 1300 ViaC7 - ok

22:07:59.0107 1300 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys

22:07:59.0108 1300 viaide - ok

22:07:59.0141 1300 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys

22:07:59.0142 1300 volmgr - ok

22:07:59.0174 1300 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys

22:07:59.0177 1300 volmgrx - ok

22:07:59.0213 1300 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys

22:07:59.0216 1300 volsnap - ok

22:07:59.0265 1300 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys

22:07:59.0267 1300 vsmraid - ok

22:07:59.0302 1300 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys

22:07:59.0303 1300 vwifibus - ok

22:07:59.0340 1300 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys

22:07:59.0341 1300 vwififlt - ok

22:07:59.0370 1300 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys

22:07:59.0372 1300 WacomPen - ok

22:07:59.0502 1300 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys

22:07:59.0503 1300 WANARP - ok

22:07:59.0510 1300 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys

22:07:59.0511 1300 Wanarpv6 - ok

22:07:59.0591 1300 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys

22:07:59.0592 1300 Wd - ok

22:07:59.0639 1300 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys

22:07:59.0645 1300 Wdf01000 - ok

22:07:59.0773 1300 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys

22:07:59.0774 1300 WfpLwf - ok

22:07:59.0799 1300 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys

22:07:59.0800 1300 WIMMount - ok

22:07:59.0931 1300 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys

22:07:59.0932 1300 WinUsb - ok

22:07:59.0983 1300 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys

22:07:59.0983 1300 WmiAcpi - ok

22:08:00.0075 1300 WRkrn (22100fa2492aa1e57d59e63de14f7851) C:\windows\system32\drivers\WRkrn.sys

22:08:00.0077 1300 WRkrn - ok

22:08:00.0124 1300 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys

22:08:00.0125 1300 ws2ifsl - ok

22:08:00.0239 1300 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys

22:08:00.0240 1300 WSDPrintDevice - ok

22:08:00.0307 1300 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys

22:08:00.0310 1300 WudfPf - ok

22:08:00.0341 1300 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys

22:08:00.0344 1300 WUDFRd - ok

22:08:00.0390 1300 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

22:08:00.0404 1300 \Device\Harddisk0\DR0 - ok

22:08:00.0423 1300 Boot (0x1200) (5d23c7fb3ae2f4e4543dcf7c11664442) \Device\Harddisk0\DR0\Partition0

22:08:00.0424 1300 \Device\Harddisk0\DR0\Partition0 - ok

22:08:00.0425 1300 ============================================================

22:08:00.0425 1300 Scan finished

22:08:00.0425 1300 ============================================================

22:08:00.0438 1468 Detected object count: 2

22:08:00.0438 1468 Actual detected object count: 2

22:08:19.0023 1468 C:\windows\1487965348:1534283687.exe - copied to quarantine

22:08:19.0024 1468 a48cb058 ( HiddenFile.Multi.Generic ) - User select action: Quarantine

22:08:19.0109 1468 C:\windows\system32\Drivers\dfsc.sys - copied to quarantine

22:08:19.0109 1468 DfsC ( Rootkit.Win32.ZAccess.e ) - User select action: Quarantine


Here is DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Leuticia at 20:57:06 on 2011-10-17

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1737 [GMT -5:00]

.

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\explorer.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k hpdevmgmt

C:\windows\System32\svchost.exe -k HPZ12

C:\windows\System32\svchost.exe -k HPZ12

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe

C:\Program Files\TOSHIBA\TECO\TEco.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\windows\system32\svchost.exe -k HPService

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\DllHost.exe

C:\windows\system32\taskeng.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\servicing\TrustedInstaller.exe

C:\windows\system32\wuauclt.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uInternet Settings,ProxyOverride = *.local

uWinlogon: Shell=c:\users\leuticia\appdata\local\a48cb058\X

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - c:\programdata\wrdata\pkg\LPBar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - c:\programdata\wrdata\pkg\LPBar.dll

uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

uRun: [AdobeBridge]

mRun: [RtHDVCpl] "c:\program files\realtek\audio\hda\RtHDVCpl.exe"

mRun: [synTPEnh] "%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"

mRun: [TPwrMain] "%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"

mRun: [smoothView] "%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe"

mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60

mRun: [TosWaitSrv] "%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe"

mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r

mRun: [smartFaceVWatcher] "%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe"

mRun: [TosSENotify] "c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe"

mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [<NO NAME>]

mRun: [WebrootTrayApp] "c:\program files\webroot\security\current\framework\WRTray.exe"

mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul

mRun: [switchBoard] "c:\program files\common files\adobe\switchboard\SwitchBoard.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [bestSpywareScanner.exe] c:\program files\best spyware scanner\BestSpywareScanner.exe

mRun: [bSSHelper.exe] c:\program files\best spyware scanner\BSSHelper.exe -0

dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000

IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mif5ba~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{6F2FE512-B952-45D1-BE75-B07A8C2B2713} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{6F2FE512-B952-45D1-BE75-B07A8C2B2713}\2375942554835333 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{6F2FE512-B952-45D1-BE75-B07A8C2B2713}\B456964786723702E4564777F627B6 : DhcpNameServer = 216.136.95.2 64.132.94.250

TCP: Interfaces\{6F2FE512-B952-45D1-BE75-B07A8C2B2713}\C416E646279702E4564777F627B6 : DhcpNameServer = 192.168.1.254

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: avgrsstx.dll

mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP

.

============= SERVICES / DRIVERS ===============

.

R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2011-8-24 106312]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-5 216400]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-5 29712]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-5 243152]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 ssfmonm;ssfmonm;c:\windows\system32\drivers\ssfmonm.sys [2011-4-27 45584]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-10-9 7680]

R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-10-9 24064]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-9 171520]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-19 249888]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe --> c:\windows\system32\atiesrxx.exe [?]

S2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-6-23 921952]

S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-23 308136]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-14 135664]

S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\toshiba\rselect\RSelSvc.exe [2009-7-7 62832]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]

S2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\toolbarupdaterservice.exe --> c:\program files\startnow toolbar\ToolbarUpdaterService.exe [?]

S2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\security\current\plugins\antimalware\AEI.exe [2011-4-27 3997912]

S2 WRConsumerService;Webroot Client Service;"c:\program files\webroot\security\current\framework\wrconsumerservice.exe" --> c:\program files\webroot\security\current\framework\WRConsumerService.exe [?]

S2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2011-8-24 599616]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-14 135664]

S3 RkHit;RkHit;c:\windows\system32\drivers\RKHit.sys [2011-10-17 29312]

S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2008-7-15 17920]

S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2008-7-15 60544]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-10-9 51512]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]

S3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-5 1343400]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]

.

=============== Created Last 30 ================

.

2011-10-18 01:44:57 48016 --sha-w- c:\windows\system32\c_92293.nl_

2011-10-18 01:43:32 -------- d-----w- C:\TDSSKiller_Quarantine

2011-10-17 19:03:58 29312 ----a-w- c:\windows\system32\drivers\RKHit.sys

2011-10-17 19:03:57 -------- d-----w- c:\program files\Best Spyware Scanner

2011-10-16 03:34:15 -------- d-----w- c:\windows\system32\SPReview

2011-10-15 13:54:30 -------- d-sh--w- c:\windows\system32\%APPDATA%

2011-10-15 00:51:36 -------- d--h--w- C:\$AVG

2011-10-15 00:37:54 -------- d-sh--w- c:\users\leuticia\appdata\local\a48cb058

2011-10-14 19:55:48 -------- d-----w- c:\users\leuticia\appdata\local\Cyberlink

2011-10-13 23:15:40 -------- d-----w- c:\program files\iPod

2011-10-13 23:15:38 -------- d-----w- c:\program files\iTunes

2011-10-13 23:01:34 -------- d-----w- c:\program files\Bonjour

2011-10-13 20:13:11 75776 ----a-w- c:\windows\system32\psisrndr.ax

2011-10-13 20:13:10 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-10-13 20:13:09 204288 ----a-w- c:\windows\system32\MSNP.ax

2011-10-13 20:13:08 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax

2011-10-13 20:13:07 59904 ----a-w- c:\windows\system32\MSDvbNP.ax

2011-10-13 20:13:03 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-10-13 20:13:02 233472 ----a-w- c:\windows\system32\oleacc.dll

2011-10-13 20:12:58 2332672 ----a-w- c:\windows\system32\win32k.sys

2011-10-01 21:51:31 -------- d-----w- c:\users\leuticia\appdata\local\lptmp12483

2011-09-29 08:02:40 -------- d-----w- C:\c694c16c08f7dec5d2bd383be81a40

2011-09-27 00:05:51 -------- d-----w- c:\program files\common files\Nikon

2011-09-26 23:53:52 -------- d-----w- c:\programdata\install_clap

2011-09-23 20:08:20 117507 ----a-w- c:\windows\system32\Msinet.ocx

2011-09-23 20:08:19 109248 ----a-w- c:\windows\system32\Mswinsck.ocx

2011-09-23 20:07:59 2267368 ----a-w- c:\windows\system32\Flash9d.ocx

2011-09-23 20:07:56 368912 ----a-w- c:\windows\system32\vbar332.dll

2011-09-23 20:07:09 -------- d-----w- C:\LogoSmartz Trial

2011-09-23 19:43:00 -------- d-----w- c:\users\leuticia\appdata\local\Configure

2011-09-23 19:42:50 -------- d-----w- c:\users\leuticia\appdata\local\Maker3D

2011-09-19 16:49:52 -------- d-----w- c:\program files\ADLSoft UnCompressor

2011-09-19 16:48:59 -------- d-----w- c:\program files\StartNow Toolbar

2011-09-19 16:40:19 -------- d-----w- c:\programdata\FileCure

2011-09-18 22:16:09 -------- d-----w- c:\users\leuticia\appdata\roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2011-09-18 22:09:33 -------- d-----w- c:\users\leuticia\appdata\roaming\com.adobe.DC3Module.AdobeADC

2011-09-18 20:02:49 -------- d-----w- c:\program files\common files\PX Storage Engine

.

==================== Find3M ====================

.

2011-10-18 01:44:39 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-10-14 16:52:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 01:41:22 140760 ----a-w- c:\windows\system32\WRusr.dll

2011-10-10 01:41:22 106312 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2011-09-10 18:08:14 1409 ----a-w- c:\windows\QTFont.for

2011-08-31 04:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 04:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll

.

============= FINISH: 20:58:00.12 ===============


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
