
Malware Bytes being disabled by ViruS


Zhil


Hi,

I think I have received the virus which is known as 'Katusha.A'. My AVG picked it up a few days ago. Since then I am having issues with my browsers redirecting to other websites and I am worried about my identification etc.

I have installed Malware Bytes several times. I run the scan, and after a few seconds the program just shuts down. This occurs with all anti-virus/anti-malware software I have tried: whenever I run a scan, the program is shut down (I have tried loads!).

When I go back into Malware Bytes, I get "Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item". I found this thread: http://forums.malwarebytes.org/index.php?showtopic=93691 and followed the instructions that they received, as I appear to be having the same problems. Here are the requested logs:

TDSS LOG

18:45:50.0579 2472	TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
18:45:51.0125 2472 ============================================================
18:45:51.0125 2472 Current date / time: 2011/10/18 18:45:51.0125
18:45:51.0125 2472 SystemInfo:
18:45:51.0125 2472
18:45:51.0125 2472 OS Version: 6.0.6002 ServicePack: 2.0
18:45:51.0125 2472 Product type: Workstation
18:45:51.0125 2472 ComputerName: GEORGE-PC
18:45:51.0125 2472 UserName: George
18:45:51.0125 2472 Windows directory: C:\Windows
18:45:51.0125 2472 System windows directory: C:\Windows
18:45:51.0125 2472 Processor architecture: Intel x86
18:45:51.0125 2472 Number of processors: 4
18:45:51.0125 2472 Page size: 0x1000
18:45:51.0125 2472 Boot type: Normal boot
18:45:51.0125 2472 ============================================================
18:45:51.0593 2472 Initialize success
18:45:56.0102 4676 ============================================================
18:45:56.0102 4676 Scan started
18:45:56.0102 4676 Mode: Manual;
18:45:56.0102 4676 ============================================================
18:45:57.0241 4676 652dd031 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\835726693:2597466062.exe
18:45:57.0241 4676 Suspicious file (Hidden): C:\Windows\835726693:2597466062.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
18:45:57.0241 4676 652dd031 ( HiddenFile.Multi.Generic ) - warning
18:45:57.0241 4676 652dd031 - detected HiddenFile.Multi.Generic (1)
18:45:57.0365 4676 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
18:45:57.0365 4676 ACPI - ok
18:45:57.0709 4676 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
18:45:57.0771 4676 adp94xx - ok
18:45:58.0177 4676 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
18:45:58.0192 4676 adpahci - ok
18:45:58.0691 4676 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
18:45:58.0691 4676 adpu160m - ok
18:45:59.0003 4676 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
18:45:59.0003 4676 adpu320 - ok
18:45:59.0206 4676 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
18:45:59.0211 4676 AFD - ok
18:45:59.0446 4676 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
18:45:59.0456 4676 agp440 - ok
18:45:59.0596 4676 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:45:59.0596 4676 aic78xx - ok
18:45:59.0866 4676 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
18:45:59.0876 4676 aliide - ok
18:46:00.0140 4676 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
18:46:00.0156 4676 amdagp - ok
18:46:00.0328 4676 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
18:46:00.0328 4676 amdide - ok
18:46:00.0593 4676 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
18:46:00.0608 4676 AmdK7 - ok
18:46:00.0718 4676 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
18:46:00.0733 4676 AmdK8 - ok
18:46:01.0014 4676 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
18:46:01.0030 4676 arc - ok
18:46:01.0310 4676 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
18:46:01.0326 4676 arcsas - ok
18:46:01.0685 4676 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:46:01.0685 4676 AsyncMac - ok
18:46:01.0872 4676 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
18:46:01.0872 4676 atapi - ok
18:46:02.0215 4676 AVGIDSDriver (1c8d965bbcaa9ee5defdb54743437086) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
18:46:02.0231 4676 AVGIDSDriver - ok
18:46:02.0387 4676 AVGIDSEH (c59c9bc3f0612bd207ccdc5d8cb9ce39) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
18:46:02.0387 4676 AVGIDSEH - ok
18:46:02.0668 4676 AVGIDSFilter (c5559de2ec66cede15a1664f6d183d8e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
18:46:02.0668 4676 AVGIDSFilter - ok
18:46:03.0042 4676 AVGIDSShim (ae5e9667fa40206796d1bd5bd0427a8a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
18:46:03.0042 4676 AVGIDSShim - ok
18:46:03.0260 4676 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys
18:46:03.0276 4676 Avgldx86 - ok
18:46:03.0760 4676 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys
18:46:03.0760 4676 Avgmfx86 - ok
18:46:04.0040 4676 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys
18:46:04.0040 4676 Avgrkx86 - ok
18:46:04.0415 4676 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys
18:46:04.0415 4676 Avgtdix - ok
18:46:04.0602 4676 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:46:04.0602 4676 Beep - ok
18:46:04.0945 4676 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
18:46:04.0961 4676 blbdrive - ok
18:46:05.0351 4676 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
18:46:05.0382 4676 bowser - ok
18:46:05.0647 4676 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:46:05.0647 4676 BrFiltLo - ok
18:46:06.0178 4676 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:46:06.0178 4676 BrFiltUp - ok
18:46:06.0380 4676 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:46:06.0396 4676 Brserid - ok
18:46:07.0114 4676 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:46:07.0114 4676 BrSerWdm - ok
18:46:07.0192 4676 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:46:07.0192 4676 BrUsbMdm - ok
18:46:07.0207 4676 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:46:07.0223 4676 BrUsbSer - ok
18:46:07.0238 4676 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:46:07.0238 4676 BTHMODEM - ok
18:46:07.0270 4676 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:46:07.0270 4676 cdfs - ok
18:46:07.0301 4676 cdrom (fc82563c0ca71dbee491d9b8e7242685) C:\Windows\system32\DRIVERS\cdrom.sys
18:46:07.0301 4676 Suspicious file (Forged): C:\Windows\system32\DRIVERS\cdrom.sys. Real md5: fc82563c0ca71dbee491d9b8e7242685, Fake md5: 6b4bffb9becd728097024276430db314
18:46:07.0301 4676 cdrom ( Rootkit.Win32.ZAccess.g ) - infected
18:46:07.0301 4676 cdrom - detected Rootkit.Win32.ZAccess.g (0)
18:46:07.0332 4676 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
18:46:07.0332 4676 circlass - ok
18:46:07.0379 4676 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
18:46:07.0379 4676 CLFS - ok
18:46:07.0410 4676 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
18:46:07.0410 4676 cmdide - ok
18:46:07.0441 4676 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
18:46:07.0441 4676 Compbatt - ok
18:46:07.0550 4676 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\Windows\system32\drivers\cpuz135_x32.sys
18:46:07.0550 4676 cpuz135 - ok
18:46:07.0582 4676 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
18:46:07.0582 4676 crcdisk - ok
18:46:07.0628 4676 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
18:46:07.0628 4676 Crusoe - ok
18:46:07.0706 4676 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
18:46:07.0706 4676 DfsC - ok
18:46:07.0784 4676 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
18:46:07.0784 4676 disk - ok
18:46:07.0862 4676 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:46:07.0862 4676 drmkaud - ok
18:46:07.0925 4676 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:46:07.0925 4676 dtsoftbus01 - ok
18:46:08.0034 4676 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
18:46:08.0034 4676 DXGKrnl - ok
18:46:08.0159 4676 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:46:08.0174 4676 E1G60 - ok
18:46:08.0190 4676 EagleXNt - ok
18:46:08.0268 4676 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
18:46:08.0284 4676 Ecache - ok
18:46:08.0330 4676 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
18:46:08.0330 4676 elxstor - ok
18:46:08.0362 4676 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
18:46:08.0362 4676 ErrDev - ok
18:46:08.0424 4676 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
18:46:08.0424 4676 exfat - ok
18:46:08.0486 4676 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
18:46:08.0486 4676 fastfat - ok
18:46:08.0518 4676 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
18:46:08.0518 4676 fdc - ok
18:46:08.0564 4676 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:46:08.0564 4676 FileInfo - ok
18:46:08.0627 4676 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:46:08.0642 4676 Filetrace - ok
18:46:08.0674 4676 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
18:46:08.0674 4676 flpydisk - ok
18:46:08.0720 4676 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
18:46:08.0720 4676 FltMgr - ok
18:46:08.0798 4676 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
18:46:08.0798 4676 fssfltr - ok
18:46:08.0845 4676 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:46:08.0845 4676 Fs_Rec - ok
18:46:08.0876 4676 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
18:46:08.0876 4676 gagp30kx - ok
18:46:08.0923 4676 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:46:08.0923 4676 HdAudAddService - ok
18:46:08.0970 4676 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:46:08.0970 4676 HDAudBus - ok
18:46:09.0017 4676 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:46:09.0017 4676 HidBth - ok
18:46:09.0032 4676 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:46:09.0032 4676 HidIr - ok
18:46:09.0079 4676 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:46:09.0095 4676 HidUsb - ok
18:46:09.0126 4676 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:46:09.0126 4676 HpCISSs - ok
18:46:09.0188 4676 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
18:46:09.0204 4676 HTTP - ok
18:46:09.0220 4676 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:46:09.0220 4676 i2omp - ok
18:46:09.0235 4676 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:46:09.0235 4676 i8042prt - ok
18:46:09.0266 4676 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:46:09.0282 4676 iaStorV - ok
18:46:09.0313 4676 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:46:09.0313 4676 iirsp - ok
18:46:09.0344 4676 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:46:09.0360 4676 intelide - ok
18:46:09.0376 4676 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:46:09.0391 4676 intelppm - ok
18:46:09.0422 4676 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:46:09.0422 4676 IpFilterDriver - ok
18:46:09.0438 4676 IpInIp - ok
18:46:09.0469 4676 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:46:09.0469 4676 IPMIDRV - ok
18:46:09.0500 4676 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:46:09.0500 4676 IPNAT - ok
18:46:09.0532 4676 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:46:09.0532 4676 IRENUM - ok
18:46:09.0563 4676 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:46:09.0563 4676 isapnp - ok
18:46:09.0610 4676 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:46:09.0610 4676 iScsiPrt - ok
18:46:09.0656 4676 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:46:09.0656 4676 iteatapi - ok
18:46:09.0688 4676 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:46:09.0688 4676 iteraid - ok
18:46:09.0719 4676 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:46:09.0719 4676 kbdclass - ok
18:46:09.0797 4676 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
18:46:09.0797 4676 kbdhid - ok
18:46:09.0859 4676 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
18:46:09.0875 4676 KSecDD - ok
18:46:09.0922 4676 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:46:09.0937 4676 lltdio - ok
18:46:09.0968 4676 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:46:09.0984 4676 LSI_FC - ok
18:46:10.0000 4676 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:46:10.0000 4676 LSI_SAS - ok
18:46:10.0015 4676 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:46:10.0031 4676 LSI_SCSI - ok
18:46:10.0046 4676 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:46:10.0046 4676 luafv - ok
18:46:10.0062 4676 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
18:46:10.0078 4676 mcdbus - ok
18:46:10.0093 4676 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:46:10.0093 4676 megasas - ok
18:46:10.0124 4676 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:46:10.0124 4676 MegaSR - ok
18:46:10.0156 4676 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:46:10.0156 4676 Modem - ok
18:46:10.0187 4676 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:46:10.0187 4676 monitor - ok
18:46:10.0202 4676 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:46:10.0202 4676 mouclass - ok
18:46:10.0218 4676 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:46:10.0218 4676 mouhid - ok
18:46:10.0234 4676 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:46:10.0234 4676 MountMgr - ok
18:46:10.0249 4676 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:46:10.0249 4676 mpio - ok
18:46:10.0280 4676 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:46:10.0280 4676 mpsdrv - ok
18:46:10.0312 4676 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:46:10.0312 4676 Mraid35x - ok
18:46:10.0327 4676 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:46:10.0343 4676 MRxDAV - ok
18:46:10.0390 4676 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:46:10.0390 4676 mrxsmb - ok
18:46:10.0452 4676 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:46:10.0452 4676 mrxsmb10 - ok
18:46:10.0483 4676 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:46:10.0483 4676 mrxsmb20 - ok
18:46:10.0514 4676 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
18:46:10.0514 4676 msahci - ok
18:46:10.0546 4676 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:46:10.0546 4676 msdsm - ok
18:46:10.0592 4676 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:46:10.0592 4676 Msfs - ok
18:46:10.0608 4676 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:46:10.0608 4676 msisadrv - ok
18:46:10.0702 4676 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:46:10.0717 4676 MSKSSRV - ok
18:46:10.0748 4676 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:46:10.0748 4676 MSPCLOCK - ok
18:46:10.0764 4676 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:46:10.0764 4676 MSPQM - ok
18:46:10.0826 4676 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:46:10.0826 4676 MsRPC - ok
18:46:10.0858 4676 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:46:10.0858 4676 mssmbios - ok
18:46:10.0951 4676 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:46:10.0967 4676 MSTEE - ok
18:46:10.0982 4676 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:46:10.0982 4676 Mup - ok
18:46:11.0045 4676 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:46:11.0045 4676 NativeWifiP - ok
18:46:11.0107 4676 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:46:11.0107 4676 NDIS - ok
18:46:11.0123 4676 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:46:11.0123 4676 NdisTapi - ok
18:46:11.0154 4676 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:46:11.0154 4676 Ndisuio - ok
18:46:11.0170 4676 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:46:11.0170 4676 NdisWan - ok
18:46:11.0185 4676 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:46:11.0185 4676 NDProxy - ok
18:46:11.0201 4676 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:46:11.0201 4676 NetBIOS - ok
18:46:11.0232 4676 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:46:11.0232 4676 netbt - ok
18:46:11.0294 4676 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:46:11.0294 4676 nfrd960 - ok
18:46:11.0326 4676 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:46:11.0326 4676 Npfs - ok
18:46:11.0341 4676 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:46:11.0341 4676 nsiproxy - ok
18:46:11.0404 4676 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:46:11.0419 4676 Ntfs - ok
18:46:11.0435 4676 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:46:11.0450 4676 ntrigdigi - ok
18:46:11.0482 4676 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
18:46:11.0482 4676 NuidFltr - ok
18:46:11.0482 4676 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:46:11.0482 4676 Null - ok
18:46:11.0544 4676 NVENETFD (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
18:46:11.0544 4676 NVENETFD - ok
18:46:12.0480 4676 nvlddmkm (bd409de5681c74c1de51d72427dc202d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:46:12.0698 4676 nvlddmkm - ok
18:46:12.0886 4676 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
18:46:12.0886 4676 NVNET - ok
18:46:12.0932 4676 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:46:12.0948 4676 nvraid - ok
18:46:12.0979 4676 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:46:12.0979 4676 nvstor - ok
18:46:13.0042 4676 nvstor32 (8ee374b6fb3cb2bb8d70395218b464a5) C:\Windows\system32\DRIVERS\nvstor32.sys
18:46:13.0042 4676 nvstor32 - ok
18:46:13.0073 4676 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:46:13.0073 4676 nv_agp - ok
18:46:13.0073 4676 NwlnkFlt - ok
18:46:13.0088 4676 NwlnkFwd - ok
18:46:13.0135 4676 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
18:46:13.0151 4676 ohci1394 - ok
18:46:13.0213 4676 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
18:46:13.0229 4676 Parport - ok
18:46:13.0260 4676 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:46:13.0276 4676 partmgr - ok
18:46:13.0291 4676 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
18:46:13.0291 4676 Parvdm - ok
18:46:13.0322 4676 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:46:13.0322 4676 pci - ok
18:46:13.0338 4676 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
18:46:13.0338 4676 pciide - ok
18:46:13.0354 4676 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:46:13.0369 4676 pcmcia - ok
18:46:13.0400 4676 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:46:13.0416 4676 PEAUTH - ok
18:46:13.0494 4676 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:46:13.0510 4676 PptpMiniport - ok
18:46:13.0556 4676 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
18:46:13.0556 4676 Processor - ok
18:46:13.0603 4676 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:46:13.0619 4676 PSched - ok
18:46:13.0775 4676 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:46:13.0822 4676 ql2300 - ok
18:46:13.0853 4676 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:46:13.0853 4676 ql40xx - ok
18:46:13.0915 4676 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:46:13.0915 4676 QWAVEdrv - ok
18:46:14.0040 4676 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:46:14.0040 4676 RasAcd - ok
18:46:14.0087 4676 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:46:14.0087 4676 Rasl2tp - ok
18:46:14.0180 4676 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:46:14.0180 4676 RasPppoe - ok
18:46:14.0212 4676 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:46:14.0227 4676 RasSstp - ok
18:46:14.0258 4676 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:46:14.0274 4676 rdbss - ok
18:46:14.0290 4676 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:46:14.0290 4676 RDPCDD - ok
18:46:14.0321 4676 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:46:14.0321 4676 rdpdr - ok
18:46:14.0336 4676 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:46:14.0336 4676 RDPENCDD - ok
18:46:14.0383 4676 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:46:14.0383 4676 RDPWD - ok
18:46:14.0461 4676 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:46:14.0477 4676 rspndr - ok
18:46:14.0586 4676 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:46:14.0586 4676 SASDIFSV - ok
18:46:14.0617 4676 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:46:14.0617 4676 SASKUTIL - ok
18:46:14.0648 4676 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:46:14.0648 4676 sbp2port - ok
18:46:14.0711 4676 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:46:14.0726 4676 secdrv - ok
18:46:14.0773 4676 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
18:46:14.0789 4676 Serenum - ok
18:46:14.0804 4676 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
18:46:14.0820 4676 Serial - ok
18:46:14.0836 4676 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:46:14.0851 4676 sermouse - ok
18:46:14.0929 4676 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:46:14.0929 4676 sffdisk - ok
18:46:14.0945 4676 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:46:14.0945 4676 sffp_mmc - ok
18:46:14.0960 4676 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:46:14.0960 4676 sffp_sd - ok
18:46:14.0992 4676 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:46:14.0992 4676 sfloppy - ok
18:46:15.0038 4676 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:46:15.0038 4676 sisagp - ok
18:46:15.0054 4676 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:46:15.0054 4676 SiSRaid2 - ok
18:46:15.0101 4676 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:46:15.0101 4676 SiSRaid4 - ok
18:46:15.0132 4676 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:46:15.0132 4676 Smb - ok
18:46:15.0163 4676 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:46:15.0179 4676 spldr - ok
18:46:15.0226 4676 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:46:15.0241 4676 srv - ok
18:46:15.0335 4676 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:46:15.0350 4676 srv2 - ok
18:46:15.0382 4676 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:46:15.0397 4676 srvnet - ok
18:46:15.0444 4676 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:46:15.0444 4676 swenum - ok
18:46:15.0506 4676 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:46:15.0506 4676 Symc8xx - ok
18:46:15.0553 4676 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:46:15.0553 4676 Sym_hi - ok
18:46:15.0569 4676 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:46:15.0569 4676 Sym_u3 - ok
18:46:15.0850 4676 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
18:46:15.0865 4676 Tcpip - ok
18:46:15.0896 4676 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
18:46:15.0896 4676 Tcpip6 - ok
18:46:15.0959 4676 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:46:15.0959 4676 tcpipreg - ok
18:46:15.0990 4676 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:46:15.0990 4676 TDPIPE - ok
18:46:16.0006 4676 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:46:16.0021 4676 TDTCP - ok
18:46:16.0037 4676 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:46:16.0037 4676 tdx - ok
18:46:16.0068 4676 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:46:16.0068 4676 TermDD - ok
18:46:16.0115 4676 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:46:16.0130 4676 tssecsrv - ok
18:46:16.0146 4676 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:46:16.0146 4676 tunmp - ok
18:46:16.0162 4676 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
18:46:16.0162 4676 tunnel - ok
18:46:16.0177 4676 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:46:16.0193 4676 uagp35 - ok
18:46:16.0208 4676 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:46:16.0224 4676 udfs - ok
18:46:16.0349 4676 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:46:16.0364 4676 uliagpkx - ok
18:46:16.0396 4676 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:46:16.0411 4676 uliahci - ok
18:46:16.0442 4676 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:46:16.0442 4676 UlSata - ok
18:46:16.0474 4676 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:46:16.0474 4676 ulsata2 - ok
18:46:16.0505 4676 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:46:16.0520 4676 umbus - ok
18:46:16.0614 4676 USBADVAU (659fd4da8580d2b9620a9ebc48120060) C:\Windows\system32\drivers\cm112.sys
18:46:16.0661 4676 USBADVAU - ok
18:46:16.0692 4676 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
18:46:17.0924 4676 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:46:17.0971 4676 \Device\Harddisk0\DR0 - ok
18:46:17.0987 4676 Boot (0x1200) (410e5632d962c46f21ebc78d229f3893) \Device\Harddisk0\DR0\Partition0
18:46:18.0002 4676 \Device\Harddisk0\DR0\Partition0 - ok
18:46:18.0002 4676 ============================================================
18:46:18.0002 4676 Scan finished
18:46:18.0002 4676 ============================================================
18:46:18.0018 4668 Detected object count: 2
18:46:18.0018 4668 Actual detected object count: 2
18:46:38.0438 4668 HKLM\SYSTEM\ControlSet002\services\652dd031 - will be deleted on reboot
18:46:38.0501 4668 HKLM\SYSTEM\ControlSet003\services\652dd031 - will be deleted on reboot
18:46:38.0532 4668 C:\Windows\835726693:2597466062.exe - will be deleted on reboot
18:46:38.0532 4668 652dd031 ( HiddenFile.Multi.Generic ) - User select action: Delete
18:46:38.0938 4668 Backup copy found, using it..
18:46:38.0953 4668 C:\Windows\system32\DRIVERS\cdrom.sys - will be cured on reboot
18:46:38.0953 4668 cdrom ( Rootkit.Win32.ZAccess.g ) - User select action: Cure
18:46:42.0900 4844 Deinitialize success

DDS LOG

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_22
Run by George at 18:55:51 on 2011-10-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3071.1518 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\835726693:2597466062.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\George\Local Settings\Apps\F.lux\flux.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
"C:\Windows\system32\svchost.exe"
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\George\Downloads\mbam-setup-1.51.2.1300.exe
C:\Users\George\AppData\Local\Temp\is-DS235.tmp\mbam-setup-1.51.2.1300.tmp
C:\Users\George\Downloads\mbam-setup-1.51.2.1300.exe
C:\Users\George\AppData\Local\Temp\is-K5A57.tmp\mbam-setup-1.51.2.1300.tmp
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Malwarebytes' Anti-Malware2\mbam.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mystart.incredimail.com/mb59?u=92541448427544069
uDefault_Page_URL = hxxp://www.uk.maxiwe.com
mStart Page = hxxp://www.uk.maxiwe.com
mDefault_Page_URL = hxxp://www.uk.maxiwe.com
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: Reganam Toolbar: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - c:\program files\reganam\tbRega.dll
uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfir.dll
uURLSearchHooks: H - No File
mURLSearchHooks: Reganam Toolbar: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - c:\program files\reganam\tbRega.dll
mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfir.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfir.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Reganam Toolbar: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - c:\program files\reganam\tbRega.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: Reganam Toolbar: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - c:\program files\reganam\tbRega.dll
TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfir.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
uRun: [ASRockOCTuner]
uRun: [ASRockIES]
uRun: [zASRockInstantBoot]
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [F.lux] "c:\users\george\local settings\apps\f.lux\flux.exe" /noshow
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
mRun: [VIAAUD] c:\program files\via\viaudioi\vdeck\VIAAUD.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [VolPanel] "c:\program files\creative\sb x-fi mb\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [RunDLLEntry] c:\windows\system32\rundll32.exe c:\windows\system32\AmbRunE.dll,RunDLLEntry
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Cm112Sound] RunDll32 cm112.cpl,CMICtrlWnd
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware2\mbamgui.exe /install /silent
dRunOnce: [DeleteEngineAfterUpdate] reg DELETE HKCU\Software\AppDataLow\Software\ConduitEngine /f
StartupFolder: c:\users\george\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ventrilo.lnk - c:\program files\ventrilo\Ventrilo.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BDBAA1F0-9851-4D2C-9D2B-2248EA2F0C62} : DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\george\appdata\roaming\mozilla\firefox\profiles\tpeznbr9.default\
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff7.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\onlive\plugin\npolgdet.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\thrixxx\weblaunch\binaries\npWebLaunch.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg10\Firefox4
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
FF - Ext: AVG Security Toolbar em:version=7.007.026.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared
FF - Ext: User Agent Switcher: {e968fc70-8f95-4ab9-9e79-304de2a71ee1} - %profile%\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
FF - Ext: wmlbrowser: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} - %profile%\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-10-18 21992]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-10-18 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-10-16 369256]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-30 218688]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-11-23 1108480]
S2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\teamviewer_service.exe --> c:\program files\teamviewer\version6\TeamViewer_Service.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-12 1025352]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2010-11-23 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2010-11-23 79360]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files\common files\creative labs shared\service\XMBLicensing.exe [2010-11-23 79360]
S3 USBADVAU;USB Advance Audio Interface;c:\windows\system32\drivers\cm112.sys [2011-1-18 1313792]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-10-18 17:47:58 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2d5836f6-dcfa-4c99-99d9-14b0c0df5dd1}\offreg.dll
2011-10-18 17:47:49 48016 --sha-w- c:\windows\system32\c_21144.nl_
2011-10-18 17:45:31 1559856 ----a-w- C:\TDSSKiller.exe
2011-10-18 17:45:30 -------- d-----w- C:\folder
2011-10-18 17:42:19 -------- d-----w- c:\users\george\appdata\local\{35A01542-2C1E-49EB-B6C5-AA2AFA805AA9}
2011-10-18 17:41:57 -------- d-----w- c:\users\george\appdata\local\{E624136B-62F0-4D7E-8BA7-984845486906}
2011-10-18 16:45:02 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-18 16:44:26 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-18 16:44:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2
2011-10-18 16:43:23 -------- d-----w- c:\users\george\appdata\roaming\SUPERAntiSpyware.com
2011-10-18 16:42:35 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-10-18 16:42:35 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-18 16:33:15 -------- d-----w- c:\users\george\DoctorWeb
2011-10-18 16:23:35 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-10-18 16:23:29 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2d5836f6-dcfa-4c99-99d9-14b0c0df5dd1}\mpengine.dll
2011-10-18 16:23:27 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-18 16:21:13 -------- d-----w- c:\users\george\appdata\local\{583FC39B-0F47-47F9-A88F-02ACEF4DCEC9}
2011-10-18 15:29:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-18 15:29:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-18 15:03:39 -------- d-----w- c:\users\george\appdata\local\{55C6CC08-1756-4F00-90C5-26C6EC58ECBF}
2011-10-18 03:59:13 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-10-18 03:59:13 -------- d-----w- c:\program files\CPUID
2011-10-18 02:57:36 -------- d-----w- c:\users\george\appdata\local\{F9EBC37F-E935-4E12-97DB-14B6AD9609F7}
2011-10-18 02:57:15 -------- d-----w- c:\users\george\appdata\local\{2A0DCBC5-2897-42B2-A459-2C19B212F74F}
2011-10-17 15:48:52 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-10-17 15:43:48 -------- d-sh--w- c:\users\george\appdata\local\652dd031
2011-10-17 15:29:20 -------- d-----w- c:\users\george\appdata\local\{B5E5AD9B-656F-419F-950F-880E15E9842F}
2011-10-17 15:28:58 -------- d-----w- c:\users\george\appdata\local\{ED8C46AA-62CA-4B6E-93F8-55142BC8F67D}
2011-10-16 15:00:33 -------- d-----w- c:\users\george\appdata\local\{39245AC5-BAA8-4555-ABFD-3C721A3703B4}
2011-10-16 15:00:18 -------- d-----w- c:\users\george\appdata\local\{D25CE2C7-2933-474B-BA78-6038C85D3216}
2011-10-16 01:20:21 -------- d-----w- c:\users\george\appdata\local\{3E01F26B-3B50-4009-BBB4-6C1BA518DB86}
2011-10-14 15:43:51 -------- d-----w- c:\users\george\appdata\local\{F8AC7D74-DA70-44E3-996B-7501FD81F95F}
2011-10-14 15:43:33 -------- d-----w- c:\users\george\appdata\local\{1B0A258A-8796-443C-BA34-C4DE8FBD45EF}
2011-10-14 09:43:07 -------- d-----w- c:\users\george\appdata\local\{8B2B4FE9-1C1C-480B-AB1A-C3D62C9F7F74}
2011-10-14 09:42:56 -------- d-----w- c:\users\george\appdata\local\{5E72B264-8DDE-48B8-9E1C-D3FC8015B89F}
2011-10-14 01:44:31 -------- d-----w- c:\users\george\appdata\local\{54079BA4-B829-4BD6-989A-3D4074CAF0B5}
2011-10-14 01:44:19 -------- d-----w- c:\users\george\appdata\local\{FA837D14-6BF6-4581-A0CE-F99F47313B97}
2011-10-13 14:46:26 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 14:46:26 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 14:46:26 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-13 14:46:26 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 14:38:57 -------- d-----w- c:\users\george\appdata\local\{30D4142F-C632-445A-82BF-4198702E83E5}
2011-10-13 14:38:46 -------- d-----w- c:\users\george\appdata\local\{96EC68AF-D77F-44DE-A649-BAD444F85844}
2011-10-12 20:27:31 -------- d-----w- c:\users\george\appdata\local\{AE579C57-F203-44C8-8B28-973A972841E0}
2011-10-12 20:27:21 -------- d-----w- c:\users\george\appdata\local\{2487A974-3C6C-4240-ADDD-C8D816DD121B}
2011-10-12 16:03:56 -------- d-----w- c:\users\george\appdata\local\{0452E3A0-7430-4632-B365-E81692F77BEF}
2011-10-12 16:03:37 -------- d-----w- c:\users\george\appdata\local\{2926A0DE-1FE7-4DDA-844B-DA08FA7A7117}
2011-10-12 02:34:37 -------- d-----w- c:\users\george\appdata\local\{999BA7B6-3D9C-4E1A-93CE-AA162C61173F}
2011-10-12 02:34:23 -------- d-----w- c:\users\george\appdata\local\{1461E5C4-21D3-4F1A-B5AF-6550E683B2DF}
2011-10-11 19:12:36 -------- d-----w- c:\users\george\appdata\local\{8E5DD901-8D2F-40F4-97CC-B3C08F051EDC}
2011-10-11 19:11:59 -------- d-----w- c:\users\george\appdata\local\{FB34A169-C800-4FFF-B249-F18648214CA0}
2011-10-11 16:30:14 -------- d-----w- c:\users\george\appdata\local\{BF0A88E6-60E3-4297-A684-5870FB6F1FD2}
2011-10-11 16:30:04 -------- d-----w- c:\users\george\appdata\local\{A536AA50-DC87-4FA1-99C9-8BC3606C57E5}
2011-10-10 15:48:09 -------- d-----w- c:\users\george\appdata\local\{7B744C84-FE8D-4030-8A9D-0A5211B0B021}
2011-10-10 15:47:56 -------- d-----w- c:\users\george\appdata\local\{4EB868A5-4EFA-434D-86CD-14C048ACCE51}
2011-10-09 17:46:23 -------- d-----w- c:\users\george\appdata\local\{0DA9F51B-9F5A-40DB-8166-183548394642}
2011-10-09 17:46:11 -------- d-----w- c:\users\george\appdata\local\{F092163F-FB58-4DE3-9563-C494C3162954}
2011-10-09 13:15:23 -------- d-----w- c:\users\george\appdata\local\{3DD6AE1E-831A-40B9-88AA-1DC75EE3F613}
2011-10-09 13:15:11 -------- d-----w- c:\users\george\appdata\local\{88258AF9-66BC-495D-A1F7-138F93E295D9}
2011-10-08 02:37:32 -------- d-----w- c:\users\george\appdata\local\{F24C1133-339C-4C4B-8A28-9EE65430690C}
2011-10-07 12:58:05 -------- d-----w- c:\users\george\appdata\local\{C1ABE624-2E65-42A6-8FBC-C42E0ACF260E}
2011-10-07 00:24:34 -------- d-----w- c:\users\george\appdata\local\{EA8CA8BC-EDC4-426D-81CB-B9D7ECE29DEB}
2011-10-07 00:24:15 -------- d-----w- c:\users\george\appdata\local\{E118A4AD-C0DC-45DB-823B-AA7FFBDF7ED6}
2011-10-06 17:31:12 -------- d-----w- c:\users\george\appdata\local\{874B1D7A-8EC6-450F-A339-76F1723CD878}
2011-10-06 17:30:46 -------- d-----w- c:\users\george\appdata\local\{35B6B403-5ADE-4687-8F9F-6AE026F1399F}
2011-10-06 13:25:25 -------- d-----w- c:\users\george\appdata\local\{48FE8231-DCBA-467B-8138-2A206161CD32}
2011-10-05 23:02:04 -------- d-----w- C:\StarCraft II
2011-10-05 21:24:33 -------- d-----w- c:\users\george\appdata\local\{CEFA05F0-947E-4224-B86A-B83C1B9764B7}
2011-10-05 11:30:27 -------- d-----w- c:\users\george\appdata\local\{03022E15-8610-4857-A0D9-D70DB8683380}
2011-10-05 07:35:17 -------- d-----w- c:\users\george\appdata\local\{0D5E155F-861A-42A6-90A0-2E558EDC5F63}
2011-10-05 07:35:03 -------- d-----w- c:\users\george\appdata\local\{8794D375-06CB-44F3-AA36-0F5327A18B9E}
2011-10-04 17:50:48 -------- d-----w- c:\users\george\appdata\local\{1A6B840A-6BD3-4623-BF5C-24A212A7B2FF}
2011-10-02 22:45:48 -------- d-----w- c:\users\george\appdata\local\{B25A98A4-26C7-4359-B5FA-828FD627E8AB}
2011-10-02 18:25:02 -------- d-----w- c:\users\george\appdata\local\{DEC150F7-06EF-449E-B7BD-A812F9D8BEB8}
2011-10-02 14:49:14 -------- d-----w- c:\users\george\appdata\local\{94856C51-015E-4078-9B6A-51A9C7DE54B2}
2011-10-01 13:25:43 -------- d-----w- c:\users\george\appdata\local\{5ABC9F4F-546C-4D7A-B485-D5F724C52235}
2011-09-30 17:21:32 -------- d-----w- c:\users\george\appdata\local\{DC95D608-A953-4D28-B3F3-9867D2C34135}
2011-09-29 16:07:15 -------- d-----w- c:\users\george\appdata\local\{5A117BE4-BE02-48FF-B0EA-569CA12FCC39}
2011-09-29 13:05:13 -------- d-----w- c:\users\george\appdata\local\{D04DB61A-867F-451E-BB4B-88CDA3C1E620}
2011-09-28 23:04:25 -------- d-----w- c:\users\george\appdata\local\{68316493-A5D1-47A9-A79A-209A8DBF75B5}
2011-09-28 23:04:17 -------- d-----w- c:\users\george\appdata\local\{5E474EC0-EFA0-447C-9473-23FDE9F70CF7}
2011-09-28 11:12:28 -------- d-----w- c:\users\george\appdata\local\{6F87AA10-90AC-44E0-98BF-9F363378F214}
2011-09-28 11:12:20 -------- d-----w- c:\users\george\appdata\local\{1B9C18AB-88AD-4CE1-B61E-C7195AC42E39}
2011-09-27 11:20:35 -------- d-----w- c:\users\george\appdata\local\{D7ED256F-F6C2-4696-B5D7-1E8465B69A0D}
2011-09-27 11:18:27 -------- d-----w- c:\users\george\appdata\local\{F10E5790-4614-45E4-9CD4-89FB34C463AD}
2011-09-26 13:30:15 -------- d-----w- c:\users\george\appdata\local\{FF838BC2-427A-41B6-92F7-FB18E1749D90}
2011-09-26 13:28:07 -------- d-----w- c:\users\george\appdata\local\{DF520321-B6B6-4CFC-B701-A8149DC31CE9}
2011-09-26 02:15:52 -------- d-----w- c:\users\george\appdata\roaming\OnLive App
2011-09-26 02:15:35 -------- d-----w- c:\program files\OnLive
2011-09-25 14:20:40 -------- d-----w- c:\users\george\appdata\local\{9DF5D2AF-65AB-4227-9E98-AFE02794DFA6}
2011-09-25 14:18:33 -------- d-----w- c:\users\george\appdata\local\{53AC13BB-67EF-4682-98BD-0C69E7025319}
2011-09-24 13:59:51 -------- d-----w- c:\users\george\appdata\local\{8319A040-7702-496E-AA87-FDA417399414}
2011-09-24 13:59:41 -------- d-----w- c:\users\george\appdata\local\{49195EE9-6F89-4F5F-974B-E22F9A89234A}
2011-09-24 01:43:50 -------- d-----w- c:\users\george\appdata\local\{4EB1D3DF-3927-46E6-8134-E1B1183B7C29}
2011-09-24 01:43:43 -------- d-----w- c:\users\george\appdata\local\{04EBF9DE-A26E-4E87-8FE2-D444771CE8F8}
2011-09-23 14:55:42 -------- d-----w- c:\users\george\appdata\local\{5D9162E8-7722-4284-9269-3333C5C8501B}
2011-09-22 14:44:22 -------- d-----w- c:\users\george\appdata\local\{7AE6C65C-A37E-49B5-8D58-30614DE748DD}
2011-09-22 14:44:14 -------- d-----w- c:\users\george\appdata\local\{4B2B0E18-F75A-405C-8E9E-C77292465EB7}
2011-09-21 14:03:02 -------- d-----w- c:\users\george\appdata\local\{0B175096-E6AD-4477-9B70-C4854946CB40}
2011-09-21 14:02:53 -------- d-----w- c:\users\george\appdata\local\{F24B46C7-9FD6-4378-8611-44C725BB4611}
.
==================== Find3M ====================
.
2011-10-18 17:47:38 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-03 20:01:19 53248 ----a-w- c:\windows\system32\unrar.dll
2011-08-26 22:21:30 42392 ----a-w- c:\windows\system32\xfcodec.dll
2011-08-02 01:43:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-29 16:01:34 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-07-29 16:01:33 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-07-29 16:00:14 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-07-29 16:00:05 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
.
============= FINISH: 18:56:32.02 ===============

Any help would be much appreciated, I really don't want to have to format because of some damned virus. :(

Kind regards,

George


  • Staff

Hello and welcome to Malwarebytes.

Don't use code tags please.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

