MBAM will not run


RenoNV

Hello, I had MBAM installed and it has run before. Now it won't run. I can install MBAM, but it will not launch. I have XP OP sys. I have tried all of the FAQ and I am still stuck. I have not seen any symptoms other than MBAM not running and DDS will not run. I don't use this comp for email or any online login so I don't know if it has been compromised. I have used another online antivirus group and we have not been able to fix this. I was directed to you specially. I cannot give you a DDS log. I can post a HijackThis. It did run. Please help. Thank you. RenoNV.


:welcome:

Print out these instructions as we may need to close every window that is open later in the fix.

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

Do not reboot your computer after running rkill as the malware programs will start again.

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 5 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Admin

You only need to get one of them to run, not all of them.

  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. WiNlOgOn.exe
  5. uSeRiNiT.exe

Do not reboot your computer after running rkill as the malware programs will start again.

Next:

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Then click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


Thank you for your reply. I ran rkill and I am pasting the result here. I ran the mbam-setup-1.51.2.1300.exe file and setup completed and checked the two boxes at the end and mbam did not launch. Thank you for helping. I am not sure if this symptom is related? Screen flickering. I figured it was a graphics card going bad and I installed the latest release and now it came back -- I am not sure. Blocks of background change to one background color and screen blinking and cpu resources don't allow me to do very much other than shutdown.

This log file is located at H:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Rkill was run on 10/30/2011 at 20:26:15.

Operating System: Microsoft Windows XP

Processes terminated by Rkill or while it was running:

H:\WINDOWS\Explorer.EXE

H:\WINDOWS\System32\rundll32.exe

H:\WINDOWS\System32\runonce.exe

Rkill completed on 10/30/2011 at 20:26:20.


Please do the following to see if it resolves the issue. Post back and let us know, please.


  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer; please allow it to do so (very important).
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here

    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.


I originally sought the help of bleeping computer and they could not determine if it was an install problem or virus, they then instructed me to seek you all. Thank you.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:05:36 PM, on 10/22/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:24:54 AM, on 10/31/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\Program Files\Creative\Shared Files\CTAudSvc.exe

H:\Program Files\SUPERAntiSpyware\SASCORE.EXE

H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe

H:\WINDOWS\system32\CTsvcCDA.exe

H:\Program Files\Java\jre6\bin\jqs.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\Explorer.EXE

H:\Program Files\Analog Devices\Core\smax4pnp.exe

H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe

H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

H:\WINDOWS\system32\ctfmon.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMAXPnP] H:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AVP] "H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] H:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll

O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{452F1CDD-20B7-49A9-9B97-F42EC5E0BD34}: NameServer = 192.168.0.1,0.0.0.0

O20 - Winlogon Notify: !SASWinLogon - H:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - H:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - H:\Program Files\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - H:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - H:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe

--

End of file - 6097 bytes


I was recovering from a nasty rootkit virus in win2k and when I installed XP on a REVOdrive board it selected h: without me paying attention. I was so far into installing applications I went forward and hadn't seen a problem. I now wish I had gone and redone it. I have considered reinstalling, but this is more or less a work computer and reinstalling my workspace is consuming. I have started to move to Linux, unfortunately this is my next step away from all of this mess. I still appreciate your help and would like to get this solved. RenoNV


I thought I had seen a rootkit message somewhere during testing. Are you familiar with ASWMBR? Look at this log.

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software

Run date: 2011-10-31 14:53:01

-----------------------------

14:53:01.156 OS Version: Windows 5.1.2600 Service Pack 3

14:53:01.156 Number of processors: 2 586 0x170A

14:53:01.156 ComputerName: FTL18 UserName: Admin

14:53:04.156 Initialize success

14:53:10.750 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\Si3124r51Port4Path0Target10Lun0

14:53:10.750 Disk 0 Vendor: SiImage_ 0000 Size: 228963MB BusType: 8

14:53:10.750 Device \Driver\usbstor -> DriverStartIo USBSTOR.SYS b83d9f26

14:53:14.750 Disk 1 MBR read successfully

14:53:14.750 Disk 1 MBR scan

14:53:14.750 Disk 1 Windows XP default MBR code

14:53:14.750 Disk 1 MBR hidden

14:53:14.750 Disk 1 scanning H:\WINDOWS\system32\drivers

14:53:26.921 Service scanning

14:53:34.234 Service KL1 H:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5

14:53:34.234 Service kl2 H:\WINDOWS\system32\DRIVERS\kl2.sys **LOCKED** 5

14:53:34.234 Service klim5 H:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5

14:53:34.234 Service klmouflt H:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5

14:53:34.781 Modules scanning

14:53:36.109 Disk 1 trace - called modules:

14:53:36.109 ntkrnlpa.exe CLASSPNP.SYS disk.sys hal.dll

14:53:36.109 1 nt!IofCallDriver -> \Device\Harddisk1\DR2[0x88e16ab8]

14:53:36.109 Scan finished successfully

14:54:05.812 Disk 1 MBR has been saved successfully to "H:\Documents and Settings\Admin\Desktop\MBR.dat"

14:54:05.812 The log file has been saved successfully to "H:\Documents and Settings\Admin\Desktop\aswMBR.txt"


Yes the default is C:

That looks OK, but I normally run TDSSKiller or combofix

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run; once it is finished, move on to the next step.

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post the contents of that TDSSKiller log.

Also please describe how your computer behaves at the moment.

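A triage helper for the TDSSKiller report requested above, added here as an example; it is not part of the original thread and not Kaspersky's code. It assumes the report layout TDSSKiller 2.6.14.0 produced on this system (timestamp, thread id, then `name (md5) path`, `name - verdict` or `key: value`); the sample lines, hashes and the non-ok verdict text are constructed, and `parse_report` / `triage` are hypothetical names.

```python
import ntpath  # Windows path rules, so the report can be triaged on any OS
import re

# Line layouts assumed from the report format described in the lead-in:
#   "<time> <thread> <name> (<md5>) <path>"  file hashed for a driver/service
#   "<time> <thread> <name> - <verdict>"     verdict for that name
#   "<time> <thread> <key>: <value>"         header field, e.g. "Windows directory"
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
HASHED = re.compile(PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
VERDICT = re.compile(PREFIX + r"(?P<name>\S+) - (?P<verdict>.+)$")
HEADER = re.compile(PREFIX + r"(?P<key>[A-Za-z ]+): (?P<value>.+)$")


def parse_report(text):
    """Return (header dict, list of per-driver entries) from a TDSSKiller report."""
    header, entries, hashed = {}, [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue  # forum pastes often double-space the log
        m = HASHED.match(line)
        if m:
            hashed[m["name"]] = (m["md5"], m["path"])
            continue
        m = VERDICT.match(line)
        if m:
            # Some names carry a verdict but no hash line; keep them with md5=None.
            md5, path = hashed.pop(m["name"], (None, None))
            entries.append({"name": m["name"], "md5": md5, "path": path,
                            "verdict": m["verdict"].strip()})
            continue
        m = HEADER.match(line)
        if m:
            header[m["key"].strip()] = m["value"].strip()
    return header, entries


def triage(header, entries):
    """List (name, reasons) for entries a helper should read first.

    Two checks: any verdict other than "ok", and any driver file that does not
    sit in <Windows directory>\\system32\\drivers. The Windows directory comes
    from the report header, because it is not always on C: (here it is H:).
    A file outside the drivers folder is a prompt to look, not a detection.
    """
    windir = header.get("Windows directory")
    drivers_dir = None
    if windir:
        drivers_dir = ntpath.normcase(ntpath.join(windir, "system32", "drivers"))
    findings = []
    for e in entries:
        reasons = []
        if e["verdict"].lower() != "ok":
            reasons.append("verdict: " + e["verdict"])
        if e["path"] is not None and drivers_dir is not None:
            parent = ntpath.dirname(ntpath.normcase(ntpath.normpath(e["path"])))
            if parent != drivers_dir:
                reasons.append("outside drivers dir: " + parent)
        if reasons:
            findings.append((e["name"], reasons))
    return findings


# Constructed sample in the report's layout. Hashes are placeholders and the
# last verdict string is invented for the test; it is not TDSSKiller wording.
SAMPLE = r"""
15:34:01.0500 1120 Windows directory: H:\WINDOWS
15:34:13.0640 2384 Scan started

15:34:17.0390 2384 Abiosdsk - ok
15:34:17.0812 2384 ACPI (00000000000000000000000000000001) H:\WINDOWS\system32\DRIVERS\ACPI.sys
15:34:17.0828 2384 ACPI - ok
15:34:21.0312 2384 giveio (00000000000000000000000000000002) H:\WINDOWS\system32\giveio.sys
15:34:21.0312 2384 giveio - ok
15:34:21.0984 2384 SASDIFSV (00000000000000000000000000000003) H:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:34:21.0984 2384 SASDIFSV - ok
15:34:22.0100 2384 exampledrv (00000000000000000000000000000004) H:\WINDOWS\system32\drivers\exampledrv.sys
15:34:22.0100 2384 exampledrv - needs-review-placeholder
"""

if __name__ == "__main__":
    hdr, rows = parse_report(SAMPLE)
    for name, reasons in triage(hdr, rows):
        print(name, "->", "; ".join(reasons))
```
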

New logs. Goored first. I bought a new graphics card to see if that is causing my flickering. I will have that done tonight. Other than that the only thing is MBAM will not run. ---> Still does not run. Thank You.

GooredFix by jpshortstuff (03.07.10.1)

Log created at 15:32 on 31/10/2011 (Admin)

Firefox version [unable to determine]

========== GooredScan ==========

========== GooredLog ==========

H:\Program Files\Mozilla Firefox\extensions\

(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [20:11 21/09/2011]

"jqs@sun.com"="H:\Program Files\Java\jre6\lib\deploy\jqs\ff" [13:11 26/08/2011]

"linkfilter@kaspersky.ru"="H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru" [03:54 27/10/2011]

"virtualKeyboard@kaspersky.ru"="H:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru" [03:54 27/10/2011]

-=E.O.F=-

15:34:00.0937 1120 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01

15:34:01.0500 1120 ============================================================

15:34:01.0500 1120 Current date / time: 2011/10/31 15:34:01.0500

15:34:01.0500 1120 SystemInfo:

15:34:01.0500 1120

15:34:01.0500 1120 OS Version: 5.1.2600 ServicePack: 3.0

15:34:01.0500 1120 Product type: Workstation

15:34:01.0500 1120 ComputerName: FTL18

15:34:01.0500 1120 UserName: Admin

15:34:01.0500 1120 Windows directory: H:\WINDOWS

15:34:01.0500 1120 System windows directory: H:\WINDOWS

15:34:01.0500 1120 Processor architecture: Intel x86

15:34:01.0500 1120 Number of processors: 2

15:34:01.0500 1120 Page size: 0x1000

15:34:01.0500 1120 Boot type: Normal boot

15:34:01.0500 1120 ============================================================

15:34:06.0265 1120 Initialize success

15:34:13.0640 2384 ============================================================

15:34:13.0640 2384 Scan started

15:34:13.0640 2384 Mode: Manual;

15:34:13.0640 2384 ============================================================


15:34:22.0015 2384 SiFilter - ok

15:34:22.0015 2384 Simbad - ok

15:34:22.0015 2384 SiRemFil (2c2f19869c51d3e3acaad65d9e098890) H:\WINDOWS\system32\drivers\SiRemFil.sys

15:34:22.0015 2384 SiRemFil - ok

15:34:22.0031 2384 SiWinAcc (5a1838089b6dec7b3d76705f18af7460) H:\WINDOWS\system32\drivers\SiWinAcc.sys

15:34:22.0031 2384 SiWinAcc - ok

15:34:22.0031 2384 Sparrow - ok

15:34:22.0031 2384 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) H:\WINDOWS\system32\speedfan.sys

15:34:22.0031 2384 speedfan - ok

15:34:22.0031 2384 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) H:\WINDOWS\system32\drivers\splitter.sys

15:34:22.0031 2384 splitter - ok

15:34:22.0046 2384 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) H:\WINDOWS\system32\DRIVERS\sr.sys

15:34:22.0046 2384 sr - ok

15:34:22.0046 2384 Srv (47ddfc2f003f7f9f0592c6874962a2e7) H:\WINDOWS\system32\DRIVERS\srv.sys

15:34:22.0046 2384 Srv - ok

15:34:22.0062 2384 swenum (3941d127aef12e93addf6fe6ee027e0f) H:\WINDOWS\system32\DRIVERS\swenum.sys

15:34:22.0062 2384 swenum - ok

15:34:22.0062 2384 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) H:\WINDOWS\system32\drivers\swmidi.sys

15:34:22.0062 2384 swmidi - ok

15:34:22.0062 2384 symc810 - ok

15:34:22.0078 2384 symc8xx - ok

15:34:22.0078 2384 sym_hi - ok

15:34:22.0078 2384 sym_u3 - ok

15:34:22.0078 2384 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) H:\WINDOWS\system32\drivers\sysaudio.sys

15:34:22.0093 2384 sysaudio - ok

15:34:22.0093 2384 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) H:\WINDOWS\system32\DRIVERS\tcpip.sys

15:34:22.0093 2384 Tcpip - ok

15:34:22.0093 2384 TDPIPE (6471a66807f5e104e4885f5b67349397) H:\WINDOWS\system32\drivers\TDPIPE.sys

15:34:22.0093 2384 TDPIPE - ok

15:34:22.0109 2384 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) H:\WINDOWS\system32\drivers\TDTCP.sys

15:34:22.0109 2384 TDTCP - ok

15:34:22.0109 2384 TermDD (88155247177638048422893737429d9e) H:\WINDOWS\system32\DRIVERS\termdd.sys

15:34:22.0109 2384 TermDD - ok

15:34:22.0109 2384 TosIde - ok

15:34:22.0125 2384 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) H:\WINDOWS\system32\drivers\Udfs.sys

15:34:22.0125 2384 Udfs - ok

15:34:22.0125 2384 ultra - ok

15:34:22.0125 2384 Update (402ddc88356b1bac0ee3dd1580c76a31) H:\WINDOWS\system32\DRIVERS\update.sys

15:34:22.0140 2384 Update - ok

15:34:22.0140 2384 usbccgp (173f317ce0db8e21322e71b7e60a27e8) H:\WINDOWS\system32\DRIVERS\usbccgp.sys

15:34:22.0140 2384 usbccgp - ok

15:34:22.0140 2384 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) H:\WINDOWS\system32\DRIVERS\usbehci.sys

15:34:22.0140 2384 usbehci - ok

15:34:22.0156 2384 usbhub (1ab3cdde553b6e064d2e754efe20285c) H:\WINDOWS\system32\DRIVERS\usbhub.sys

15:34:22.0156 2384 usbhub - ok

15:34:22.0156 2384 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) H:\WINDOWS\system32\DRIVERS\usbscan.sys

15:34:22.0156 2384 usbscan - ok

15:34:22.0156 2384 usbstor (a32426d9b14a089eaa1d922e0c5801a9) H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

15:34:22.0156 2384 usbstor - ok

15:34:22.0171 2384 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) H:\WINDOWS\system32\DRIVERS\usbuhci.sys

15:34:22.0171 2384 usbuhci - ok

15:34:22.0171 2384 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) H:\WINDOWS\System32\drivers\vga.sys

15:34:22.0171 2384 VgaSave - ok

15:34:22.0171 2384 ViaIde - ok

15:34:22.0171 2384 VolSnap (4c8fcb5cc53aab716d810740fe59d025) H:\WINDOWS\system32\drivers\VolSnap.sys

15:34:22.0171 2384 VolSnap - ok

15:34:22.0187 2384 Wanarp (e20b95baedb550f32dd489265c1da1f6) H:\WINDOWS\system32\DRIVERS\wanarp.sys

15:34:22.0187 2384 Wanarp - ok

15:34:22.0187 2384 WDICA - ok

15:34:22.0187 2384 wdmaud (6768acf64b18196494413695f0c3a00f) H:\WINDOWS\system32\drivers\wdmaud.sys

15:34:22.0187 2384 wdmaud - ok

15:34:22.0203 2384 WinDriver6 (6cb18d5c6f952ffefca4c3d904956fe1) H:\WINDOWS\system32\drivers\windrvr6.sys

15:34:22.0203 2384 WinDriver6 - ok

15:34:22.0218 2384 XilinxFirmwarePusb2Loader (8591e33badd8b742c4cadea23e6e3aab) H:\WINDOWS\system32\Drivers\xusb_xp2.sys

15:34:22.0218 2384 XilinxFirmwarePusb2Loader - ok

15:34:22.0218 2384 XilinxPC4Driver (6104f397127feeccce16bd16cd3843a6) H:\WINDOWS\System32\drivers\XPC4DRVR.SYS

15:34:22.0218 2384 XilinxPC4Driver - ok

15:34:22.0234 2384 yukonwxp (67331fd053f97a874a60374be6b59523) H:\WINDOWS\system32\DRIVERS\yk51x86.sys

15:34:22.0234 2384 yukonwxp - ok

15:34:22.0234 2384 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

15:34:22.0281 2384 \Device\Harddisk0\DR0 - ok

15:34:22.0281 2384 Boot (0x1200) (ea3764f40314b9c2a14e9deedf8df794) \Device\Harddisk0\DR0\Partition0

15:34:22.0281 2384 \Device\Harddisk0\DR0\Partition0 - ok

15:34:22.0281 2384 ============================================================

15:34:22.0281 2384 Scan finished

15:34:22.0281 2384 ============================================================

15:34:22.0296 2424 Detected object count: 0

15:34:22.0296 2424 Actual detected object count: 0


MBAM logs. Quick first, then full. Thank you again.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8053

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/31/2011 3:52:45 PM

mbam-log-2011-10-31 (15-52-39).txt

Scan type: Quick scan

Objects scanned: 197783

Time elapsed: 1 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

h:\documents and settings\Admin\Desktop\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

h:\documents and settings\Admin\Desktop\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8053

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/31/2011 4:13:19 PM

mbam-log-2011-10-31 (16-13-19).txt

Scan type: Full scan (H:\|)

Objects scanned: 508880

Time elapsed: 20 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Thank You again. This issue with the C: what should I do or not do until it is changed and will I need to do anything once it has? RenoNV

When the new version comes out, which should be very soon, you shouldn't have to do any more than download and install.

Your AV will hopefully help until then.

You can however run the batch and do a quick scan with MBAM whenever you want.


This topic is now closed to further replies.