Malwarebytes

Start Menu & Desktop Disappeared - Trojan.QHost.Gen & PUM.Hijack

14 replies to this topic

#1
moonshadow56

    New Member

  • Members
  • 7 posts
Fake "S.M.A.R.T Repair Trial Version Installed" and now at startup, Data Recovery screen along with many tiled System Messages - "Write Fault Error" shows up. Startup Menu and Desktop show nothing, therefore cannot access any folders or applications. Running MBAM (from Task Tray) repeatedly shows PUM.Hijack.StartMenu and PUM.Hidden.Desktop, Trojan.QHost.Gen, Trojan.QHost.BG, Trojan.Agent.LTGen, Rootkit TDSS. More recently, Trojan.FakeAlert and Exploit.Drop.4 have been detected. They continue to appear after removal and quarantine.

Numerous attempts to Safe Start (F8) show Security Log Full and entering administrator's password will not work because it does not allow selection of my login domain anymore.

Managed to access internet and reach you through MBAM's "About" tab with link to MBAM website. Below are my logs from 5/17 and 5/18. I will be running another scan after this message. Please advise if you need MBAM scan or protection log files.

As indicated, the only way I am accessing internet is through the MBAM site.

Thank you in advance,
moonshadow56

****************************************

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.17.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
sshiigi :: DFB69GJ1 [administrator]
Protection: Enabled
5/17/2012 10:28:57 AM
mbam-log-2012-05-17 (10-28-57).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 461063
Time elapsed: 2 hour(s), 33 minute(s), 46 second(s)
Memory Processes Detected: 1
C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe (Trojan.QHost.Gen) -> 4084 -> Delete on reboot.
Memory Modules Detected: 1
C:\Documents and Settings\sshiigi\Application Data\dplayx.dll (Trojan.QHost.BG) -> Delete on reboot.
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.Gen) -> Data: C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.Gen) -> Data: C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe (Trojan.QHost.Gen) -> Delete on reboot.
C:\Documents and Settings\sshiigi\Application Data\dplayx.dll (Trojan.QHost.BG) -> Delete on reboot.
(end)

*******************************

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.17.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
sshiigi :: DFB69GJ1 [administrator]
Protection: Enabled
5/18/2012 5:54:47 AM
mbam-log-2012-05-18 (05-54-47).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 461653
Time elapsed: 1 hour(s), 54 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|nscob (Trojan.Agent.LTGen) -> Data: rundll32.exe "C:\DOCUME~1\sshiigi\LOCALS~1\Temp\nscob.dll",MessageBoxChecked -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Documents and Settings\sshiigi\Application Data\dplaysvr.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|npntv (Trojan.Agent.LTGen) -> Data: rundll32.exe "C:\DOCUME~1\sshiigi\LOCALS~1\Temp\npntv.dll",ComputeIMTFromPerTexelSignal -> Quarantined and deleted successfully.
Registry Data Items Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP477\A0158918.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
(end)

#2
MrCharlie

    Forum Deity

  • Experts
  • 17,514 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Download and run unhide > that should take care of the hidden items.

http://www.bleepingc...opic405109.html

Then see if you can download and run RogueKiller:

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Click Scan to scan the system (don't run any other options, they're not all bad!)
Post back the report.

MrC

Malware Removal Expert


I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.


#3
moonshadow56

RE: FakeHDD
MrCharlie: Thanks! Startup & Desktop unhidden now. Scanned with RogueKiller and posting report. RK instruction says "Look the different tabs and delete elements." When you say don't run any other options, do you mean don't hit delete (shown under Options)? I have not exited RogueKiller yet and rebooted.

moonshadow56
==================
RogueKiller V7.4.5 [05/18/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: sshiigi [Admin rights]
Mode: Scan -- Date: 05/20/2012 06:50:23
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 24 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : OA001Mon (C:\WINDOWS\OA001Mon.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : GQYhoLHhwMyfqNi.exe (C:\Documents and Settings\All Users\Application Data\GQYhoLHhwMyfqNi.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : pAflJBODLBxfsV.exe (C:\Documents and Settings\All Users\Application Data\pAflJBODLBxfsV.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : KxWbeXshNmDD.exe (C:\Documents and Settings\All Users\Application Data\KxWbeXshNmDD.exe) -> FOUND
[SUSP PATH] LaunchU3.exe.lnk @sshiigi : C:\Documents and Settings\sshiigi\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe -> FOUND
[HJPOL] HKCU\[...]\Policies\Explorer\Explorer : NoDesktop (1) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[31] : NtConnectPort @ 0x805A4604 -> HOOKED (Unknown @ 0x88CC01B8)
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
93.113.196.124 www.google.com
93.113.196.125 www.bing.com

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2250BJ FFS G2 +++++
--- User ---
[MBR] ef730769322e9e20bcfa30bb7a1bd224
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] d91f9d547933502253d7b959971f75dd
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] d91f9d547933502253d7b959971f75dd
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo
Finished : << RKreport[1].txt >>
RKreport[1].txt
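
The two findings in this report that the Malwarebytes logs do not show are the HOSTS redirects and the MBR that reads differently in the User, LL1 and LL2 views. The following is an added example, not part of the post or of RogueKiller: a small triage parser over an excerpt of the report above. The function names are hypothetical, and it assumes the three views are reads of the same drive's MBR, as the "User != LL1 ... KO!" lines indicate.

```python
import re

# Excerpt (HOSTS and MBR sections) of the RogueKiller report posted above.
REPORT = """
¤¤¤ HOSTS File: ¤¤¤
93.113.196.124 www.google.com
93.113.196.125 www.bing.com

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2250BJ FFS G2 +++++
--- User ---
[MBR] ef730769322e9e20bcfa30bb7a1bd224
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] d91f9d547933502253d7b959971f75dd
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] d91f9d547933502253d7b959971f75dd
[BSP] 33011a5e6af84273cc2c64e92fc9f6b2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 289170 | Size: 238331 Mo
2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo
"""

HOSTS_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)$")
VIEW_RE = re.compile(r"^--- (\w+) ---$")
MBR_RE = re.compile(r"^\[MBR\] ([0-9a-f]{32})$")
PART_RE = re.compile(
    r"^(\d+) - \[(\w+)\] (\S+) \((0x[0-9a-f]{2})\) \[(\w+)!?\] "
    r"Offset \(sectors\): (\d+) \| Size: (\d+) Mo$")


def section(report, title):
    """Non-empty lines of the report section whose header contains `title`."""
    lines, inside = [], False
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("¤¤¤"):          # every section header starts this way
            inside = title in line
        elif inside and line:
            lines.append(line)
    return lines


def hosts_redirects(report):
    """(hostname, ip) pairs that point a name at a non-loopback address."""
    found = []
    for line in section(report, "HOSTS File"):
        m = HOSTS_RE.match(line)
        if m and not m.group(1).startswith("127."):
            found.append((m.group(2), m.group(1)))
    return found


def mbr_views(report):
    """Map each view name (User, LL1, ...) to its MBR hash and partition rows."""
    views, current = {}, None
    for line in section(report, "MBR Check"):
        m = VIEW_RE.match(line)
        if m:
            current = views.setdefault(m.group(1), {"mbr": None, "partitions": []})
        elif current is not None and MBR_RE.match(line):
            current["mbr"] = MBR_RE.match(line).group(1)
        elif current is not None and PART_RE.match(line):
            idx, flag, fs, ptype, vis, off, size = PART_RE.match(line).groups()
            current["partitions"].append({"index": int(idx), "flag": flag, "fs": fs,
                "type": ptype, "visibility": vis, "offset": int(off), "size_mb": int(size)})
    return views


def active_index(view):
    return next((p["index"] for p in view["partitions"] if p["flag"] == "ACTIVE"), None)


def triage(report):
    """List of (kind, detail) findings, comparing every view against User."""
    findings = [("hosts-redirect", f"{h} -> {ip}") for h, ip in hosts_redirects(report)]
    views = mbr_views(report)
    base = views.get("User")
    if base is None:
        return findings
    known = {(p["offset"], p["type"]) for p in base["partitions"]}
    for name, view in views.items():
        if name == "User":
            continue
        if view["mbr"] != base["mbr"]:
            findings.append(("mbr-mismatch", f"User {base['mbr']} != {name} {view['mbr']}"))
        for p in view["partitions"]:
            if (p["offset"], p["type"]) not in known:
                findings.append(("partition-not-in-user-view",
                    f"{name} #{p['index']} type {p['type']} {p['visibility']} at sector {p['offset']}"))
        if active_index(view) != active_index(base):
            findings.append(("active-flag-moved",
                f"User #{active_index(base)} vs {name} #{active_index(view)}"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(REPORT):
        print(f"{kind:28} {detail}")
```
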

#4
MrCharlie

OK, delete all of these under Registry: (Hit delete on the right hand column)

Quote

¤¤¤ Registry Entries: 24 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : OA001Mon (C:\WINDOWS\OA001Mon.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : GQYhoLHhwMyfqNi.exe (C:\Documents and Settings\All Users\Application Data\GQYhoLHhwMyfqNi.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : pAflJBODLBxfsV.exe (C:\Documents and Settings\All Users\Application Data\pAflJBODLBxfsV.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Run : KxWbeXshNmDD.exe (C:\Documents and Settings\All Users\Application Data\KxWbeXshNmDD.exe) -> FOUND
[SUSP PATH] LaunchU3.exe.lnk @sshiigi : C:\Documents and Settings\sshiigi\Application Data\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe -> FOUND
[HJPOL] HKCU\[...]\Policies\Explorer\Explorer : NoDesktop (1) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND
[HIDDEN VAL] HKLM\[...]\Services : @ () -> FOUND


Then click the HostFix button on the right hand column.

--------------------------------------

Last.......

Please make sure system restore is running and create a new restore point before continuing.
XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.




--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:


If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC


#5
moonshadow56

MrC:
I had to use an older version of TDSSKiller that was downloaded in Sept. 2007. Although I attempted to delete it into the recycle bin and download the current version onto my desktop, it would not run. The old version was saved into a folder on C: drive (not in Program Files) and I was unable to Uninstall because it doesn't show up in Add/Remove.

How do I get rid of the old and run the current version? It does not have the Change Parameters and Additional Options functions.

Best, moonshadow56.

===========================
2012/05/21 03:13:49.0250 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2012/05/21 03:13:49.0250 ================================================================================
2012/05/21 03:13:49.0250 SystemInfo:
2012/05/21 03:13:49.0250
2012/05/21 03:13:49.0250 OS Version: 5.1.2600 ServicePack: 3.0
2012/05/21 03:13:49.0250 Product type: Workstation
2012/05/21 03:13:49.0250 ComputerName: DFB69GJ1
2012/05/21 03:13:49.0250 UserName: sshiigi
2012/05/21 03:13:49.0250 Windows directory: C:\WINDOWS
2012/05/21 03:13:49.0250 System windows directory: C:\WINDOWS
2012/05/21 03:13:49.0250 Processor architecture: Intel x86
2012/05/21 03:13:49.0250 Number of processors: 2
2012/05/21 03:13:49.0250 Page size: 0x1000
2012/05/21 03:13:49.0250 Boot type: Normal boot
2012/05/21 03:13:49.0250 ================================================================================
2012/05/21 03:13:49.0421 Initialize success
2012/05/21 03:14:36.0562 ================================================================================
2012/05/21 03:14:36.0562 Scan started
2012/05/21 03:14:36.0562 Mode: Manual;
2012/05/21 03:14:36.0562 ================================================================================
2012/05/21 03:14:48.0703 nv (25167771f5afad71808b0080fe4f2312) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2012/05/21 03:14:48.0984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2012/05/21 03:14:49.0046 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2012/05/21 03:14:49.0125 OA001Afx (0f538df1673e5216f3baacb6911d9d0f) C:\WINDOWS\system32\Drivers\OA001Afx.sys
2012/05/21 03:14:49.0218 OA001Ufd (2cf21d5f8f1b74bb1922135ac2b12ddb) C:\WINDOWS\system32\DRIVERS\OA001Ufd.sys
2012/05/21 03:14:49.0250 OA001Vid (159e5a08a6a5231863cddbd787a4eabb) C:\WINDOWS\system32\DRIVERS\OA001Vid.sys
2012/05/21 03:14:49.0312 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2012/05/21 03:14:49.0437 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2012/05/21 03:14:49.0484 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2012/05/21 03:14:49.0531 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2012/05/21 03:14:49.0609 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
2012/05/21 03:14:49.0718 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
2012/05/21 03:14:49.0875 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2012/05/21 03:14:49.0984 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2012/05/21 03:14:50.0093 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2012/05/21 03:14:50.0296 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2012/05/21 03:14:50.0453 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2012/05/21 03:14:50.0593 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2012/05/21 03:14:50.0687 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2012/05/21 03:14:50.0765 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2012/05/21 03:14:50.0890 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2012/05/21 03:14:50.0953 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2012/05/21 03:14:51.0031 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2012/05/21 03:14:51.0109 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2012/05/21 03:14:51.0250 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2012/05/21 03:14:51.0312 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2012/05/21 03:14:51.0359 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2012/05/21 03:14:51.0406 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2012/05/21 03:14:51.0421 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2012/05/21 03:14:51.0468 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2012/05/21 03:14:51.0500 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2012/05/21 03:14:51.0578 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2012/05/21 03:14:51.0609 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2012/05/21 03:14:51.0687 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
2012/05/21 03:14:51.0796 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2012/05/21 03:14:51.0937 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2012/05/21 03:14:52.0046 s24trans (1f950f97dbf5e0ba4fbbfaf074d3b47c) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2012/05/21 03:14:52.0109 SASDIFSV (5bf35c4ea3f00fa8d3f1e5bf03d24584) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2012/05/21 03:14:52.0140 SASENUM (a22f08c98ac2f44587bf3a1fb52bf8cd) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
2012/05/21 03:14:52.0171 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
2012/05/21 03:14:52.0234 SAVRT (21ba125b956a513f85f6ab1dd603f917) C:\Program Files\Symantec AntiVirus\savrt.sys
2012/05/21 03:14:52.0250 SAVRTPEL (0f8e1c05fc1298f8e7cea935429f66ff) C:\Program Files\Symantec AntiVirus\Savrtpel.sys
2012/05/21 03:14:52.0375 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
2012/05/21 03:14:52.0468 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
2012/05/21 03:14:52.0625 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
2012/05/21 03:14:52.0656 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
2012/05/21 03:14:52.0703 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
2012/05/21 03:14:52.0750 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
2012/05/21 03:14:52.0812 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
2012/05/21 03:14:52.0875 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
2012/05/21 03:14:53.0046 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2012/05/21 03:14:53.0109 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2012/05/21 03:14:53.0218 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2012/05/21 03:14:53.0265 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2012/05/21 03:14:53.0375 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2012/05/21 03:14:53.0437 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2012/05/21 03:14:53.0500 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2012/05/21 03:14:53.0687 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2012/05/21 03:14:53.0781 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2012/05/21 03:14:53.0906 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2012/05/21 03:14:54.0015 SPBBCDrv (c30fa11923892a4dbd1c747db8492e8f) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
2012/05/21 03:14:54.0156 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2012/05/21 03:14:54.0265 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2012/05/21 03:14:54.0328 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2012/05/21 03:14:54.0531 STHDA (886c708c91db573656d64c626468d707) C:\WINDOWS\system32\drivers\sthda.sys
2012/05/21 03:14:54.0671 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2012/05/21 03:14:54.0750 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2012/05/21 03:14:54.0875 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2012/05/21 03:14:54.0984 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2012/05/21 03:14:55.0078 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2012/05/21 03:14:55.0203 SymEvent (9c4737086dee2d302d5d2d69478f6611) C:\Program Files\Symantec\SYMEVENT.SYS
2012/05/21 03:14:55.0281 SYMREDRV (c1bbd1d20acc5ecadca086228ad52bdd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
2012/05/21 03:14:55.0343 SYMTDI (9bf7fddab95f8aabc361774dc844f755) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
2012/05/21 03:14:55.0484 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2012/05/21 03:14:55.0593 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2012/05/21 03:14:55.0703 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2012/05/21 03:14:55.0812 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2012/05/21 03:14:55.0906 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2012/05/21 03:14:55.0984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2012/05/21 03:14:56.0031 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2012/05/21 03:14:56.0156 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2012/05/21 03:14:56.0234 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2012/05/21 03:14:56.0343 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2012/05/21 03:14:56.0406 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2012/05/21 03:14:56.0531 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2012/05/21 03:14:56.0625 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2012/05/21 03:14:56.0671 USBCCID (150442fa5224dc338028543e2fffa7b4) C:\WINDOWS\system32\DRIVERS\usbccid.sys
2012/05/21 03:14:56.0796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2012/05/21 03:14:56.0875 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2012/05/21 03:14:56.0984 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2012/05/21 03:14:57.0109 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2012/05/21 03:14:57.0187 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2012/05/21 03:14:57.0265 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2012/05/21 03:14:57.0359 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2012/05/21 03:14:57.0531 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2012/05/21 03:14:57.0593 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2012/05/21 03:14:57.0687 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2012/05/21 03:14:57.0765 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2012/05/21 03:14:57.0843 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2012/05/21 03:14:57.0953 WavxDMgr (0be8dd6c95c5bdff9c5f3fa8095d304c) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
2012/05/21 03:14:58.0031 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2012/05/21 03:14:58.0171 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2012/05/21 03:14:58.0296 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2012/05/21 03:14:58.0375 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2012/05/21 03:14:58.0406 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2012/05/21 03:14:58.0484 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2012/05/21 03:14:58.0515 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2012/05/21 03:14:58.0609 ================================================================================
2012/05/21 03:14:58.0609 Scan finished
2012/05/21 03:14:58.0609 ================================================================================


#6
MrCharlie

That was clean....please do this...........

Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.
MrC


#7
moonshadow56

MrC:
I'm nervous about running ComboFix given all the warnings about how one should be technically qualified to use it. Before attempting it, here's some additional info that may call for an alternative solution. My computer is running fairly well except that:
  • At startup, the message consistently appears: "Missing Virus Definitions: VPTray.exe - Ordinal not found. The ordinal 1109 could not be located in the dynamic link library Winsock32.dll".
  • MBAM scan still detects Trojan.FakeHDD although it is repeatedly quarantined.
  • Symantec Anti Virus message continually appears - "The feature you are trying to use is on a network resource that is unavailable." It keeps searching in F:\Symentec\CDI\SAV. Although I use the F: drive on my network at work, I've been at home and not connected.
  • MBAM continuously blocks access to a potentially malicious website.
moonshadow56
===============================

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.20.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
sshiigi :: DFB69GJ1 [administrator]
Protection: Enabled
5/20/2012 1:37:13 PM
mbam-log-2012-05-20 (13-37-13).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 469416
Time elapsed: 1 hour(s), 23 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Documents and Settings\sshiigi\Desktop\RK_Quarantine\GQYhoLHhwMyfqNi.exe.vir (Trojan.FakeHDD) -> Quarantined and deleted successfully.
C:\Documents and Settings\sshiigi\Desktop\RK_Quarantine\KxWbeXshNmDD.exe.vir (Trojan.FakeHDD) -> Quarantined and deleted successfully.
C:\Documents and Settings\sshiigi\Desktop\RK_Quarantine\pAflJBODLBxfsV.exe.vir (Trojan.FakeHDD) -> Quarantined and deleted successfully.
(end)
============================

2012/05/21 03:10:06 -1000 DFB69GJ1 sshiigi IP-BLOCK 195.3.145.57 (Type: outgoing)
2012/05/21 03:11:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:11:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:11:52 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:15:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:15:42 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:15:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:17:35 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:17:38 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:17:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:23:14 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:23:17 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:23:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:25:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 195.3.145.57 (Type: outgoing)
2012/05/21 03:25:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:25:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:25:35 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:27:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:27:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:27:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:28:56 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:28:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:29:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:33:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:33:11 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:33:17 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:34:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 03:34:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:34:49 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:34:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:36:40 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:36:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:36:49 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:40:24 -1000 DFB69GJ1 sshiigi IP-BLOCK 195.3.145.57 (Type: outgoing)
2012/05/21 03:40:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:40:42 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:40:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:44:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:44:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:44:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:48:10 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:48:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:48:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:49:33 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.13.118 (Type: outgoing)
2012/05/21 03:50:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:50:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:50:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:52:10 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:52:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:52:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:53:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:53:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:53:22 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:53:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:53:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:53:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:53:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:53:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:53:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:54:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:54:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:54:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:55:33 -1000 DFB69GJ1 sshiigi IP-BLOCK 195.3.145.57 (Type: outgoing)
2012/05/21 03:55:45 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:55:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:55:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:55:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:55:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:56:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:56:06 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:56:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:56:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:56:27 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:56:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:56:36 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:57:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:57:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:57:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:58:17 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:58:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:58:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 03:58:38 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:58:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:58:47 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 03:58:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:59:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:59:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 03:59:47 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:59:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 03:59:56 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:00:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.187 (Type: outgoing)
2012/05/21 04:00:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.119.155 (Type: outgoing)
2012/05/21 04:00:14 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.187 (Type: outgoing)
2012/05/21 04:00:14 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.119.155 (Type: outgoing)
2012/05/21 04:00:49 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:00:52 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:00:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:01:10 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:01:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:01:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:01:22 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.125.41 (Type: outgoing)
2012/05/21 04:01:25 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.125.41 (Type: outgoing)
2012/05/21 04:01:31 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:01:31 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.125.41 (Type: outgoing)
2012/05/21 04:01:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:01:40 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:01:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:01:57 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:02:03 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:03:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:22 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:03:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:03:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:03:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:03:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:03:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:03:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:04:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:04:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:04:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:04:11 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:05:45 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:05:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:05:52 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:05:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:05:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:06:01 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:06:06 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:22 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:06:27 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:06:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:06:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:06:36 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:06:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:06:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:07:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:07:42 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:07:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:08:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:25 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:08:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:40 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:47 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:08:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:06 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:09:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:09:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:09:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:10:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 195.3.145.57 (Type: outgoing)
2012/05/21 04:10:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:10:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:10:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:10:57 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:10:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:11:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:11:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:12 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:18 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:25 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:11:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:11:33 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:11:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:11:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:11:40 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:11:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:13:13 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:22 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 04:13:27 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 04:13:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:36 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:13:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 04:13:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 04:13:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:13:57 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:13:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:11 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:12 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:14:18 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:15:45 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:15:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:15:52 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:15:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:15:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:15:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:16:00 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:16:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:16:06 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:16:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:12 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:21 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:27 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:16:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:36 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:42 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:16:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:17:07 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:17:10 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:17:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:18:17 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:25 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:33 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:38 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:18:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:47 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 121.125.159.23 (Type: outgoing)
2012/05/21 04:18:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:53 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:54 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:18:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:00 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:19:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:19:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:07 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:19:08 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:12 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:14 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:19:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:15 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:19:21 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:20:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:20:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:20:53 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:20:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:20:56 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:20:57 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:20:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:21:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:21:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:21:04 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:21:05 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:21:09 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:11 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:21:12 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:16 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:18 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:19 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:25 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:26 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:32 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:21:33 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:39 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:40 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:46 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:47 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:21:53 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)
2012/05/21 04:22:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:22:53 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:22:59 -1000 DFB69GJ1 sshiigi IP-BLOCK 206.161.121.6 (Type: outgoing)
2012/05/21 04:23:20 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:23 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:27 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:29 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:30 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:34 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:35 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:36 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.13.118 (Type: outgoing)
2012/05/21 04:23:37 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:41 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:43 -1000 DFB69GJ1 sshiigi IP-BLOCK 217.23.9.140 (Type: outgoing)
2012/05/21 04:23:44 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:48 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:50 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:51 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:55 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:56 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:23:58 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.120.247 (Type: outgoing)
2012/05/21 04:24:02 -1000 DFB69GJ1 sshiigi IP-BLOCK 83.133.124.191 (Type: outgoing)

#8
MrCharlie

    Forum Deity

  • Experts
  • 17,514 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA

Quote

I had to use an older version of TDSSKiller that was downloaded in Sept. 2007. Although I attempted to delete it into the recycle bin and download the current version onto my desktop, it would not run. The old version was saved into a folder on C: drive (not in Program Files) and I was unable to Uninstall because it doesn't show up in Add/Remove.

Quote

How do I get rid of the old and run the current version? It does not have the Change Parameters and Additional Options functions.

I'm sorry I missed this information.

Just download the new version to your desktop, rename it to explorer.com and see if it runs.

BTW: ComboFix is run thousands of times a day and is safe to run.

MrC

Malware Removal Expert




I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#9
moonshadow56

    New Member

  • Members
  • 7 posts
MrC: I took a step back and ran the current version of TDSSKiller 2.7.36.0. It ran fine this time (although it didn't save to desktop). Found 2 suspect files, 1 cured & 1 deleted. Please let me know if I should run ComboFix next?

Best, moonshadow56
====================================

16:59:36.0859 4880 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
16:59:37.0375 4880 ============================================================
16:59:37.0375 4880 Current date / time: 2012/05/21 16:59:37.0375
16:59:37.0375 4880 SystemInfo:
16:59:37.0375 4880
16:59:37.0375 4880 OS Version: 5.1.2600 ServicePack: 3.0
16:59:37.0375 4880 Product type: Workstation
16:59:37.0375 4880 ComputerName: DFB69GJ1
16:59:37.0375 4880 UserName: sshiigi
16:59:37.0375 4880 Windows directory: C:\WINDOWS
16:59:37.0375 4880 System windows directory: C:\WINDOWS
16:59:37.0375 4880 Processor architecture: Intel x86
16:59:37.0375 4880 Number of processors: 2
16:59:37.0375 4880 Page size: 0x1000
16:59:37.0375 4880 Boot type: Normal boot
16:59:37.0375 4880 ============================================================
16:59:38.0203 4880 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:59:38.0203 4880 ============================================================
16:59:38.0203 4880 \Device\Harddisk0\DR0:
16:59:38.0234 4880 MBR partitions:
16:59:38.0234 4880 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x46992, BlocksNum 0x1D17DBEF
16:59:38.0234 4880 ============================================================
16:59:38.0359 4880 C: <-> \Device\Harddisk0\DR0\Partition0
16:59:38.0390 4880 ============================================================
16:59:38.0390 4880 Initialize success
16:59:38.0390 4880 ============================================================
17:34:37.0078 2268 ============================================================
17:34:37.0078 2268 Scan started
17:34:37.0078 2268 Mode: Manual; SigCheck; TDLFS;
17:34:37.0078 2268 ============================================================
17:34:57.0562 2268 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:34:57.0640 2268 i8042prt - ok
17:34:57.0781 2268 IAANTMON (f79525634b192f5a18de503568f94ef3) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:34:57.0812 2268 IAANTMON - ok
17:34:57.0875 2268 iaStor (baabb0301949774a66b955c65319635a) C:\WINDOWS\system32\drivers\iaStor.sys
17:34:57.0906 2268 iaStor - ok
17:34:58.0156 2268 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:34:58.0281 2268 idsvc - ok
17:34:58.0343 2268 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:34:58.0468 2268 Imapi - ok
17:34:58.0546 2268 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:34:58.0703 2268 ImapiService - ok
17:34:58.0718 2268 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:34:58.0843 2268 ini910u - ok
17:34:58.0875 2268 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:34:59.0000 2268 IntelIde - ok
17:34:59.0015 2268 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:34:59.0125 2268 intelppm - ok
17:34:59.0250 2268 IntuitUpdateService (7bdb4e00e1cb174b56e5b2c31dde68a7) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
17:34:59.0265 2268 IntuitUpdateService - ok
17:34:59.0296 2268 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:34:59.0406 2268 Ip6Fw - ok
17:34:59.0484 2268 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:34:59.0593 2268 IpFilterDriver - ok
17:34:59.0625 2268 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:34:59.0734 2268 IpInIp - ok
17:34:59.0765 2268 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:34:59.0875 2268 IpNat - ok
17:34:59.0890 2268 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:34:59.0984 2268 IPSec - ok
17:35:00.0000 2268 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:35:00.0046 2268 IRENUM - ok
17:35:00.0093 2268 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:35:00.0171 2268 isapnp - ok
17:35:00.0281 2268 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
17:35:00.0296 2268 JavaQuickStarterService - ok
17:35:00.0359 2268 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:35:00.0453 2268 Kbdclass - ok
17:35:00.0484 2268 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:35:00.0578 2268 kbdhid - ok
17:35:00.0625 2268 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:35:00.0734 2268 kmixer - ok
17:35:00.0765 2268 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:35:00.0843 2268 KSecDD - ok
17:35:00.0890 2268 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:35:00.0953 2268 LanmanServer - ok
17:35:00.0984 2268 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:35:01.0031 2268 lanmanworkstation - ok
17:35:01.0062 2268 Lavasoft Kernexplorer - ok
17:35:01.0062 2268 Lbd - ok
17:35:01.0109 2268 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
17:35:01.0125 2268 LBeepKE - ok
17:35:01.0125 2268 lbrtfdc - ok
17:35:01.0281 2268 LBTServ (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:35:01.0343 2268 LBTServ - ok
17:35:01.0359 2268 LEqdUsb (eee5a87ec378c9ad7ce91073fbd63465) C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
17:35:01.0390 2268 LEqdUsb - ok
17:35:01.0421 2268 LHidEqd (62663b385087f5977d8ebd1fdc67b639) C:\WINDOWS\system32\Drivers\LHidEqd.Sys
17:35:01.0437 2268 LHidEqd - ok
17:35:01.0437 2268 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:35:01.0468 2268 LHidFilt - ok
17:35:01.0500 2268 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:35:01.0625 2268 LmHosts - ok
17:35:01.0640 2268 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:35:01.0656 2268 LMouFilt - ok
17:35:01.0687 2268 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:35:01.0703 2268 MBAMProtector - ok
17:35:01.0859 2268 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:35:01.0890 2268 MBAMService - ok
17:35:02.0031 2268 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:35:02.0062 2268 MDM - ok
17:35:02.0093 2268 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:35:02.0187 2268 Messenger - ok
17:35:02.0234 2268 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:35:02.0406 2268 mnmdd - ok
17:35:02.0437 2268 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:35:02.0515 2268 mnmsrvc - ok
17:35:02.0531 2268 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:35:02.0625 2268 Modem - ok
17:35:02.0687 2268 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:35:02.0765 2268 Mouclass - ok
17:35:02.0765 2268 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:35:02.0875 2268 mouhid - ok
17:35:02.0906 2268 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:35:02.0984 2268 MountMgr - ok
17:35:03.0000 2268 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:35:03.0078 2268 mraid35x - ok
17:35:03.0093 2268 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:35:03.0203 2268 MRxDAV - ok
17:35:03.0265 2268 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:35:03.0359 2268 MRxSmb - ok
17:35:03.0406 2268 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:35:03.0484 2268 MSDTC - ok
17:35:03.0484 2268 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:35:03.0546 2268 Msfs - ok
17:35:03.0562 2268 MSIServer - ok
17:35:03.0562 2268 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:35:03.0640 2268 MSKSSRV - ok
17:35:03.0671 2268 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:35:03.0765 2268 MSPCLOCK - ok
17:35:03.0796 2268 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:35:03.0890 2268 MSPQM - ok
17:35:03.0906 2268 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:35:04.0015 2268 mssmbios - ok
17:35:04.0046 2268 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:35:04.0125 2268 MSTEE - ok
17:35:04.0156 2268 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:35:04.0218 2268 Mup - ok
17:35:04.0218 2268 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:35:04.0312 2268 NABTSFEC - ok
17:35:04.0328 2268 NAL (a467e1deb3bb2b57426c8a5993ba933e) C:\WINDOWS\system32\Drivers\iqvw32.sys
17:35:04.0343 2268 NAL - ok
17:35:04.0390 2268 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:35:04.0531 2268 napagent - ok
17:35:05.0343 2268 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120510.002\naveng.sys
17:35:05.0359 2268 NAVENG - ok
17:35:05.0531 2268 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120510.002\navex15.sys
17:35:05.0640 2268 NAVEX15 - ok
17:35:05.0906 2268 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:35:06.0093 2268 NDIS - ok
17:35:06.0125 2268 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:35:06.0218 2268 NdisIP - ok
17:35:06.0265 2268 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:35:06.0328 2268 NdisTapi - ok
17:35:06.0343 2268 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:35:06.0421 2268 Ndisuio - ok
17:35:06.0515 2268 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:35:06.0640 2268 NdisWan - ok
17:35:06.0734 2268 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:35:06.0796 2268 NDProxy - ok
17:35:06.0843 2268 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:35:06.0953 2268 NetBIOS - ok
17:35:07.0015 2268 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:35:07.0140 2268 NetBT - ok
17:35:07.0171 2268 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:35:07.0312 2268 NetDDE - ok
17:35:07.0312 2268 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:35:07.0421 2268 NetDDEdsdm - ok
17:35:07.0453 2268 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:35:07.0546 2268 Netlogon - ok
17:35:07.0578 2268 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:35:07.0671 2268 Netman - ok
17:35:07.0812 2268 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:35:07.0828 2268 NetTcpPortSharing - ok
17:35:08.0093 2268 NETw5x32 (cfe1981a47a2f7650a1ef8917dc4d1c3) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
17:35:08.0359 2268 NETw5x32 - ok
17:35:08.0500 2268 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:35:08.0718 2268 NIC1394 - ok
17:35:08.0750 2268 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:35:08.0796 2268 Nla - ok
17:35:08.0828 2268 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:35:08.0890 2268 Npfs - ok
17:35:08.0984 2268 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:35:09.0093 2268 Ntfs - ok
17:35:09.0140 2268 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:35:09.0218 2268 NtLmSsp - ok
17:35:09.0296 2268 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:35:09.0406 2268 NtmsSvc - ok
17:35:09.0453 2268 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
17:35:09.0468 2268 NuidFltr - ok
17:35:09.0515 2268 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:35:09.0593 2268 Null - ok
17:35:10.0031 2268 nv (25167771f5afad71808b0080fe4f2312) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:35:10.0578 2268 nv - ok
17:35:10.0828 2268 NVSvc (6d409284f20e21c613fd697c0640f760) C:\WINDOWS\system32\nvsvc32.exe
17:35:10.0906 2268 NVSvc - ok
17:35:10.0953 2268 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:35:11.0171 2268 NwlnkFlt - ok
17:35:11.0203 2268 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:35:11.0265 2268 NwlnkFwd - ok
17:35:11.0328 2268 OA001Afx (0f538df1673e5216f3baacb6911d9d0f) C:\WINDOWS\system32\Drivers\OA001Afx.sys
17:35:11.0406 2268 OA001Afx - ok
17:35:11.0437 2268 OA001Ufd (2cf21d5f8f1b74bb1922135ac2b12ddb) C:\WINDOWS\system32\DRIVERS\OA001Ufd.sys
17:35:11.0453 2268 OA001Ufd - ok
17:35:11.0484 2268 OA001Vid (159e5a08a6a5231863cddbd787a4eabb) C:\WINDOWS\system32\DRIVERS\OA001Vid.sys
17:35:11.0500 2268 OA001Vid - ok
17:35:11.0546 2268 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:35:11.0609 2268 ohci1394 - ok
17:35:11.0750 2268 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:35:11.0781 2268 ose - ok
17:35:11.0812 2268 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
17:35:11.0921 2268 Parport - ok
17:35:11.0921 2268 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:35:12.0000 2268 PartMgr - ok
17:35:12.0031 2268 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:35:12.0109 2268 ParVdm - ok
17:35:12.0140 2268 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
17:35:12.0140 2268 PBADRV - ok
17:35:12.0171 2268 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
17:35:12.0187 2268 PCASp50 - ok
17:35:12.0203 2268 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:35:12.0265 2268 PCI - ok
17:35:12.0265 2268 PCIDump - ok
17:35:12.0296 2268 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:35:12.0375 2268 PCIIde - ok
17:35:12.0390 2268 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:35:12.0500 2268 Pcmcia - ok
17:35:12.0500 2268 PDCOMP - ok
17:35:12.0625 2268 PDFProFiltSrvPP (c1c3baf078be5a14384a4ba2d730817d) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
17:35:12.0656 2268 PDFProFiltSrvPP - ok
17:35:12.0656 2268 PDFRAME - ok
17:35:12.0656 2268 PDRELI - ok
17:35:12.0656 2268 PDRFRAME - ok
17:35:12.0703 2268 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:35:12.0781 2268 perc2 - ok
17:35:12.0796 2268 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:35:12.0875 2268 perc2hib - ok
17:35:12.0921 2268 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:35:12.0953 2268 PlugPlay - ok
17:35:13.0015 2268 Pml Driver HPZ12 (9d84376931440f3679beef2a414fa493) C:\WINDOWS\system32\HPZipm12.exe
17:35:13.0046 2268 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:35:13.0046 2268 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:35:13.0062 2268 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:35:13.0125 2268 PolicyAgent - ok
17:35:13.0171 2268 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:35:13.0265 2268 PptpMiniport - ok
17:35:13.0265 2268 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:35:13.0343 2268 ProtectedStorage - ok
17:35:13.0343 2268 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:35:13.0421 2268 PSched - ok
17:35:13.0421 2268 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:35:13.0500 2268 Ptilink - ok
17:35:13.0562 2268 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:35:13.0562 2268 PxHelp20 - ok
17:35:13.0593 2268 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:35:13.0687 2268 ql1080 - ok
17:35:13.0703 2268 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:35:13.0796 2268 Ql10wnt - ok
17:35:13.0828 2268 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:35:13.0906 2268 ql12160 - ok
17:35:13.0921 2268 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:35:14.0015 2268 ql1240 - ok
17:35:14.0031 2268 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:35:14.0109 2268 ql1280 - ok
17:35:14.0140 2268 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:35:14.0218 2268 RasAcd - ok
17:35:14.0250 2268 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:35:14.0343 2268 RasAuto - ok
17:35:14.0375 2268 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:35:14.0468 2268 Rasl2tp - ok
17:35:14.0515 2268 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:35:14.0609 2268 RasMan - ok
17:35:14.0656 2268 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:35:14.0781 2268 RasPppoe - ok
17:35:14.0796 2268 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:35:14.0921 2268 Raspti - ok
17:35:14.0968 2268 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:35:15.0078 2268 Rdbss - ok
17:35:15.0078 2268 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:35:15.0203 2268 RDPCDD - ok
17:35:15.0218 2268 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:35:15.0312 2268 rdpdr - ok
17:35:15.0343 2268 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:35:15.0375 2268 RDPWD - ok
17:35:15.0406 2268 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:35:15.0515 2268 RDSessMgr - ok
17:35:15.0562 2268 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:35:15.0640 2268 redbook - ok
17:35:15.0859 2268 RegSrvc (ed8c9f16e10c1e4c4c5d16cd04966e24) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:35:15.0890 2268 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
17:35:15.0890 2268 RegSrvc - detected UnsignedFile.Multi.Generic (1)
17:35:15.0937 2268 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:35:16.0062 2268 RemoteAccess - ok
17:35:16.0125 2268 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:35:16.0250 2268 RemoteRegistry - ok
17:35:16.0296 2268 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:35:16.0343 2268 rimmptsk - ok
17:35:16.0390 2268 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:35:16.0500 2268 RpcLocator - ok
17:35:16.0546 2268 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:35:16.0609 2268 RpcSs - ok
17:35:16.0640 2268 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:35:16.0765 2268 RSVP - ok
17:35:16.0921 2268 S24EventMonitor (d7f1f8d85f31cbb74442ec30177885cc) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
17:35:16.0968 2268 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
17:35:16.0968 2268 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
17:35:17.0109 2268 s24trans (1f950f97dbf5e0ba4fbbfaf074d3b47c) C:\WINDOWS\system32\DRIVERS\s24trans.sys
17:35:17.0109 2268 s24trans ( UnsignedFile.Multi.Generic ) - warning
17:35:17.0109 2268 s24trans - detected UnsignedFile.Multi.Generic (1)
17:35:17.0140 2268 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:35:17.0203 2268 SamSs - ok
17:35:17.0265 2268 SASDIFSV (5bf35c4ea3f00fa8d3f1e5bf03d24584) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:35:17.0296 2268 SASDIFSV ( UnsignedFile.Multi.Generic ) - warning
17:35:17.0296 2268 SASDIFSV - detected UnsignedFile.Multi.Generic (1)
17:35:17.0328 2268 SASENUM (a22f08c98ac2f44587bf3a1fb52bf8cd) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
17:35:17.0406 2268 SASENUM ( UnsignedFile.Multi.Generic ) - warning
17:35:17.0406 2268 SASENUM - detected UnsignedFile.Multi.Generic (1)
17:35:17.0453 2268 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
17:35:17.0468 2268 SASKUTIL ( UnsignedFile.Multi.Generic ) - warning
17:35:17.0468 2268 SASKUTIL - detected UnsignedFile.Multi.Generic (1)
17:35:17.0546 2268 SavRoam (fe8792122cdb2caf105f60ea228a3b46) C:\Program Files\Symantec AntiVirus\SavRoam.exe
17:35:17.0609 2268 SavRoam - ok
17:35:17.0687 2268 SAVRT (21ba125b956a513f85f6ab1dd603f917) C:\Program Files\Symantec AntiVirus\savrt.sys
17:35:17.0765 2268 SAVRT - ok
17:35:17.0796 2268 SAVRTPEL (0f8e1c05fc1298f8e7cea935429f66ff) C:\Program Files\Symantec AntiVirus\Savrtpel.sys
17:35:17.0828 2268 SAVRTPEL - ok
17:35:18.0687 2268 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
17:35:19.0031 2268 SBAMSvc - ok
17:35:19.0234 2268 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
17:35:19.0265 2268 sbaphd - ok
17:35:19.0296 2268 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
17:35:19.0328 2268 sbapifs - ok
17:35:19.0406 2268 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
17:35:19.0453 2268 SbFw - ok
17:35:19.0500 2268 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
17:35:19.0546 2268 SBFWIMCL - ok
17:35:19.0546 2268 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
17:35:19.0578 2268 SBFWIMCLMP - ok
17:35:19.0593 2268 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
17:35:19.0640 2268 sbhips - ok
17:35:19.0687 2268 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
17:35:19.0703 2268 SBRE - ok
17:35:19.0703 2268 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
17:35:19.0718 2268 sbtis - ok
17:35:19.0765 2268 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:35:19.0843 2268 SCardSvr - ok
17:35:19.0875 2268 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:35:19.0953 2268 Schedule - ok
17:35:20.0015 2268 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:35:20.0125 2268 sdbus - ok
17:35:20.0140 2268 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:35:20.0187 2268 Secdrv - ok
17:35:20.0203 2268 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:35:20.0281 2268 seclogon - ok
17:35:20.0437 2268 SecureStorageService (e80163f46ae96cc0a05fb9f3f55deb18) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
17:35:20.0546 2268 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning
17:35:20.0546 2268 SecureStorageService - detected UnsignedFile.Multi.Generic (1)
17:35:20.0609 2268 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:35:20.0687 2268 SENS - ok
17:35:20.0703 2268 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:35:20.0781 2268 Serenum - ok
17:35:20.0796 2268 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:35:20.0921 2268 Serial - ok
17:35:20.0953 2268 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:35:21.0093 2268 sffdisk - ok
17:35:21.0125 2268 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:35:21.0218 2268 sffp_sd - ok
17:35:21.0250 2268 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:35:21.0359 2268 Sfloppy - ok
17:35:21.0437 2268 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:35:21.0484 2268 ShellHWDetection - ok
17:35:21.0484 2268 Simbad - ok
17:35:21.0500 2268 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:35:21.0625 2268 sisagp - ok
17:35:21.0640 2268 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:35:21.0734 2268 SLIP - ok
17:35:21.0843 2268 SMManager (24d62fc9201d172f69c47355d185213b) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
17:35:21.0859 2268 SMManager ( UnsignedFile.Multi.Generic ) - warning
17:35:21.0859 2268 SMManager - detected UnsignedFile.Multi.Generic (1)
17:35:21.0953 2268 SNDSrvc (262c62aa7e74e7cdc0bd8926741b6a60) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
17:35:22.0000 2268 SNDSrvc - ok
17:35:22.0031 2268 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:35:22.0109 2268 Sparrow - ok
17:35:22.0171 2268 SPBBCDrv (c30fa11923892a4dbd1c747db8492e8f) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
17:35:22.0203 2268 SPBBCDrv - ok
17:35:22.0281 2268 SPBBCSvc (ea07435c72a8534c3a8e02d87246e546) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
17:35:22.0375 2268 SPBBCSvc - ok
17:35:22.0593 2268 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:35:22.0718 2268 splitter - ok
17:35:22.0781 2268 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:35:22.0828 2268 Spooler - ok
17:35:22.0921 2268 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:35:22.0984 2268 sr - ok
17:35:23.0046 2268 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:35:23.0109 2268 srservice - ok
17:35:23.0156 2268 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:35:23.0234 2268 Srv - ok
17:35:23.0281 2268 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:35:23.0359 2268 SSDPSRV - ok
17:35:23.0390 2268 STacSV (cb2449150a5ea17caa0b94363d9440cc) c:\drivers\audio\r205445\stacsv.exe
17:35:23.0468 2268 STacSV - ok
17:35:23.0640 2268 STHDA (886c708c91db573656d64c626468d707) C:\WINDOWS\system32\drivers\sthda.sys
17:35:23.0812 2268 STHDA - ok
17:35:24.0031 2268 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:35:24.0265 2268 stisvc - ok
17:35:24.0406 2268 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
17:35:24.0437 2268 stllssvr ( UnsignedFile.Multi.Generic ) - warning
17:35:24.0437 2268 stllssvr - detected UnsignedFile.Multi.Generic (1)
17:35:24.0484 2268 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:35:24.0562 2268 streamip - ok
17:35:24.0640 2268 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:35:24.0718 2268 swenum - ok
17:35:24.0734 2268 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:35:24.0828 2268 swmidi - ok
17:35:24.0843 2268 SwPrv - ok
17:35:25.0031 2268 Symantec AntiVirus (85ecc034b4dec0b3640c2d72509c03be) C:\Program Files\Symantec AntiVirus\Rtvscan.exe
17:35:25.0140 2268 Symantec AntiVirus - ok
17:35:25.0312 2268 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:35:25.0484 2268 symc810 - ok
17:35:25.0515 2268 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:35:25.0625 2268 symc8xx - ok
17:35:25.0734 2268 SymEvent (9c4737086dee2d302d5d2d69478f6611) C:\Program Files\Symantec\SYMEVENT.SYS
17:35:25.0765 2268 SymEvent - ok
17:35:25.0781 2268 SYMREDRV (c1bbd1d20acc5ecadca086228ad52bdd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
17:35:25.0796 2268 SYMREDRV - ok
17:35:25.0828 2268 SYMTDI (9bf7fddab95f8aabc361774dc844f755) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
17:35:25.0875 2268 SYMTDI - ok
17:35:25.0906 2268 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:35:26.0015 2268 sym_hi - ok
17:35:26.0046 2268 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:35:26.0109 2268 sym_u3 - ok
17:35:26.0156 2268 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:35:26.0218 2268 sysaudio - ok
17:35:26.0265 2268 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:35:26.0343 2268 SysmonLog - ok
17:35:26.0390 2268 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:35:26.0468 2268 TapiSrv - ok
17:35:26.0531 2268 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:35:26.0609 2268 Tcpip - ok
17:35:26.0734 2268 tcsd_win32.exe (ba9202e263a6fc1ffd7889fea186a2c4) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:35:26.0812 2268 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
17:35:26.0812 2268 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)
17:35:27.0015 2268 TdmService (ea63bf38938ad9917beb1846d6d15c84) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
17:35:27.0109 2268 TdmService ( UnsignedFile.Multi.Generic ) - warning
17:35:27.0109 2268 TdmService - detected UnsignedFile.Multi.Generic (1)
17:35:27.0296 2268 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:35:27.0500 2268 TDPIPE - ok
17:35:27.0531 2268 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:35:27.0593 2268 TDTCP - ok
17:35:27.0640 2268 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:35:27.0734 2268 TermDD - ok
17:35:27.0781 2268 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:35:27.0875 2268 TermService - ok
17:35:27.0921 2268 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:35:27.0953 2268 Themes - ok
17:35:27.0968 2268 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
17:35:28.0031 2268 TlntSvr - ok
17:35:28.0046 2268 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:35:28.0156 2268 TosIde - ok
17:35:28.0171 2268 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:35:28.0281 2268 TrkWks - ok
17:35:28.0296 2268 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:35:28.0406 2268 Udfs - ok
17:35:28.0421 2268 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:35:28.0484 2268 ultra - ok
17:35:28.0515 2268 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:35:28.0609 2268 Update - ok
17:35:28.0640 2268 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:35:28.0703 2268 upnphost - ok
17:35:28.0734 2268 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:35:28.0812 2268 UPS - ok
17:35:28.0859 2268 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:35:28.0937 2268 usbaudio - ok
17:35:28.0984 2268 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:35:29.0031 2268 usbccgp - ok
17:35:29.0046 2268 USBCCID (150442fa5224dc338028543e2fffa7b4) C:\WINDOWS\system32\DRIVERS\usbccid.sys
17:35:29.0062 2268 USBCCID - ok
17:35:29.0109 2268 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:35:29.0203 2268 usbehci - ok
17:35:29.0218 2268 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:35:29.0296 2268 usbhub - ok
17:35:29.0312 2268 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:35:29.0406 2268 usbprint - ok
17:35:29.0437 2268 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:35:29.0515 2268 usbscan - ok
17:35:29.0531 2268 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:35:29.0625 2268 USBSTOR - ok
17:35:29.0625 2268 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:35:29.0734 2268 usbuhci - ok
17:35:29.0781 2268 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:35:29.0859 2268 usbvideo - ok
17:35:29.0906 2268 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:35:29.0968 2268 VgaSave - ok
17:35:30.0000 2268 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:35:30.0062 2268 viaagp - ok
17:35:30.0078 2268 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:35:30.0171 2268 ViaIde - ok
17:35:30.0187 2268 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:35:30.0265 2268 VolSnap - ok
17:35:30.0328 2268 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:35:30.0421 2268 VSS - ok
17:35:30.0453 2268 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:35:30.0531 2268 w32time - ok
17:35:30.0578 2268 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:35:30.0656 2268 Wanarp - ok
17:35:30.0718 2268 WavxDMgr (0be8dd6c95c5bdff9c5f3fa8095d304c) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
17:35:30.0750 2268 WavxDMgr - ok
17:35:30.0859 2268 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:35:30.0906 2268 Wdf01000 - ok
17:35:30.0921 2268 WDICA - ok
17:35:30.0953 2268 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:35:31.0078 2268 wdmaud - ok
17:35:31.0125 2268 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:35:31.0250 2268 WebClient - ok
17:35:31.0343 2268 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:35:31.0453 2268 winmgmt - ok
17:35:31.0656 2268 WLANKEEPER (bd4dacd31bd71cfcd5610bf9ad6e06e7) C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
17:35:31.0687 2268 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
17:35:31.0687 2268 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
17:35:31.0750 2268 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:35:31.0812 2268 WmdmPmSN - ok
17:35:31.0921 2268 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:35:32.0015 2268 Wmi - ok
17:35:32.0171 2268 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:35:32.0343 2268 WmiAcpi - ok
17:35:32.0421 2268 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:35:32.0531 2268 WmiApSrv - ok
17:35:32.0625 2268 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
17:35:32.0734 2268 WMPNetworkSvc - ok
17:35:32.0781 2268 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:35:32.0875 2268 WS2IFSL - ok
17:35:32.0875 2268 WSearch - ok
17:35:32.0906 2268 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:35:33.0046 2268 WSTCODEC - ok
17:35:33.0062 2268 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:35:33.0187 2268 wuauserv - ok
17:35:33.0218 2268 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:35:33.0281 2268 WudfPf - ok
17:35:33.0312 2268 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:35:33.0343 2268 WudfRd - ok
17:35:33.0375 2268 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:35:33.0390 2268 WudfSvc - ok
17:35:33.0453 2268 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:35:33.0609 2268 WZCSVC - ok
17:35:33.0640 2268 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:35:33.0734 2268 xmlprov - ok
17:35:33.0765 2268 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:35:33.0812 2268 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
17:35:33.0812 2268 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
17:35:33.0812 2268 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:35:33.0812 2268 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:35:33.0828 2268 Boot (0x1200) (09cf8354a803e5109a031af29784fa35) \Device\Harddisk0\DR0\Partition0
17:35:33.0828 2268 \Device\Harddisk0\DR0\Partition0 - ok
17:35:33.0828 2268 ============================================================
17:35:33.0828 2268 Scan finished
17:35:33.0828 2268 ============================================================
17:35:33.0984 1820 Detected object count: 17
17:35:33.0984 1820 Actual detected object count: 17
17:47:31.0890 1820 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0890 1820 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0890 1820 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0890 1820 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0890 1820 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0890 1820 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 SASDIFSV ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 SASDIFSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 SASENUM ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 SASENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 SASKUTIL ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 SASKUTIL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0906 1820 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0906 1820 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0921 1820 SMManager ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0921 1820 SMManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0921 1820 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0921 1820 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0921 1820 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0921 1820 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0921 1820 TdmService ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0921 1820 TdmService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:31.0921 1820 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
17:47:31.0921 1820 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:47:33.0125 1820 \Device\Harddisk0\DR0\# - copied to quarantine
17:47:33.0125 1820 \Device\Harddisk0\DR0 - copied to quarantine
17:47:33.0171 1820 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
17:47:33.0171 1820 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:47:33.0171 1820 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
17:47:33.0187 1820 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:47:33.0562 1820 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:47:33.0625 1820 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:47:33.0671 1820 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:47:33.0718 1820 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
17:47:33.0718 1820 \Device\Harddisk0\DR0 - ok
17:47:33.0718 1820 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
17:47:33.0718 1820 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
17:47:33.0734 1820 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:47:33.0734 1820 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
17:47:33.0734 1820 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:47:33.0750 1820 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:47:33.0765 1820 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:47:33.0781 1820 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:47:33.0796 1820 \Device\Harddisk0\DR0\TDLFS - deleted
17:47:33.0796 1820 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
17:50:44.0578 4148 Deinitialize success

#10
MrCharlie

OK Good....TDSSKiller found the infection.

We have to run ComboFix now......

Please download and run ComboFix.
The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Malware Removal Expert



#11
moonshadow56

MrC: ComboFix log below. Thanks, moonshadow56
==========================

ComboFix 12-05-22.02 - sshiigi 05/22/2012 14:59:42.1.2 - x86
Running from: c:\documents and settings\sshiigi\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\DragToDiscUserNameD.txt
c:\documents and settings\All Users\Application Data\DragToDiscUserNameE.txt
c:\documents and settings\All Users\Application Data\Toolbar4
c:\documents and settings\sshiigi\.COMMgr
c:\documents and settings\sshiigi\Application Data\~ygw.tmp
c:\documents and settings\sshiigi\g2mdlhlpx.exe
C:\install.exe
c:\program files\Retrogamer_2zEI
c:\program files\Search Toolbar
c:\program files\Search Toolbar\basis.xml
c:\program files\Search Toolbar\bg.bmp
c:\program files\Search Toolbar\bing_logo.png
c:\program files\Search Toolbar\celebrity.png
c:\program files\Search Toolbar\drop_images.png
c:\program files\Search Toolbar\drop_maps.png
c:\program files\Search Toolbar\drop_news.png
c:\program files\Search Toolbar\drop_videos.png
c:\program files\Search Toolbar\drop_web.png
c:\program files\Search Toolbar\facebook.png
c:\program files\Search Toolbar\favicon.png
c:\program files\Search Toolbar\games.png
c:\program files\Search Toolbar\hotmail.png
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\images.png
c:\program files\Search Toolbar\include.xml
c:\program files\Search Toolbar\info.txt
c:\program files\Search Toolbar\lifestyle.png
c:\program files\Search Toolbar\maps.png
c:\program files\Search Toolbar\messenger.png
c:\program files\Search Toolbar\msn.png
c:\program files\Search Toolbar\news.png
c:\program files\Search Toolbar\twitter.png
c:\program files\Search Toolbar\version.txt
c:\program files\Search Toolbar\video.png
c:\program files\Search Toolbar\videos.png
c:\program files\Search Toolbar\weather.png
c:\program files\Search Toolbar\web.png
c:\windows\system32\ESQULzxspectrum
c:\windows\system32\SET3D5.tmp
c:\windows\system32\test
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_6TO4
-------\Service_6to4
.
.
((((((((((((((((((((((((( Files Created from 2012-04-23 to 2012-05-23 )))))))))))))))))))))))))))))))
.
.
2012-05-22 03:47 . 2012-05-22 03:47 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-21 10:50 . 2012-05-21 10:52 -------- d-----w- c:\program files\ERUNT
2012-05-18 05:53 . 2012-05-18 05:53 -------- d-----w- c:\windows\system32\WLANProfiles
2012-05-18 01:42 . 2012-05-18 01:42 -------- d-----w- c:\documents and settings\sshiigi\Local Settings\Application Data\{B26FA4AF-A08A-11E1-826F-B8AC6F996F26}
2012-05-18 00:16 . 2012-05-18 00:16 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Ad-Aware Antivirus
2012-05-16 07:01 . 2012-05-16 07:01 -------- d-----w- c:\documents and settings\Jason\Application Data\Ad-Aware Antivirus
2012-05-16 07:01 . 2012-05-16 07:01 -------- d-----w- c:\documents and settings\Jason\Local Settings\Application Data\adaware
2012-05-16 05:24 . 2012-05-16 05:24 -------- d-----w- c:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus
2012-05-16 01:57 . 2012-05-16 01:57 -------- d-----w- c:\documents and settings\sshiigi\Local Settings\Application Data\adaware
2012-05-16 01:57 . 2012-05-16 01:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection
2012-05-16 01:57 . 2011-12-19 22:44 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-16 01:57 . 2011-11-29 16:59 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-05-16 01:57 . 2011-11-29 16:59 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-05-16 01:57 . 2011-12-19 22:44 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-05-16 01:57 . 2011-12-19 22:44 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-05-16 01:57 . 2011-09-29 22:16 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-05-16 01:57 . 2012-05-16 01:57 -------- d-----w- c:\windows\system32\drivers\VDD
2012-05-16 01:57 . 2012-05-16 05:27 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-16 01:50 . 2012-05-16 21:00 -------- d-----w- c:\documents and settings\sshiigi\Application Data\Ad-Aware Antivirus
2012-05-15 20:14 . 2012-02-29 14:10 148480 -c----w- c:\windows\system32\dllcache\imagehlp.dll
2012-05-15 20:14 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-05-15 20:14 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-23 01:10 . 2009-03-07 02:42 0 ----a-w- c:\documents and settings\sshiigi\Local Settings\Application Data\WavXMapDrive.bat
2012-05-22 04:52 . 2009-03-12 05:51 0 ----a-w- c:\documents and settings\Jason\Local Settings\Application Data\WavXMapDrive.bat
2012-05-21 14:23 . 2011-10-04 12:14 230808 ----a-r- c:\windows\system32\cpnprt2.cid
2012-05-11 10:31 . 2009-03-12 02:27 0 ----a-w- c:\documents and settings\Kazuyo\Local Settings\Application Data\WavXMapDrive.bat
2012-05-04 19:00 . 2012-03-31 18:50 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-04 19:00 . 2011-05-20 03:51 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:26 . 2008-04-25 16:16 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:23 . 2008-04-25 16:16 1871360 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:42 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-05 01:56 . 2011-04-18 04:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-12 00:55 . 2009-03-07 02:31 88656 ----a-w- c:\windows\system32\cpwmon2k.dll
2012-03-01 11:01 . 2008-04-25 16:16 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-25 16:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-25 16:16 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-25 16:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-25 16:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-25 16:16 385024 ------w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{022F2F51-CDDA-4873-8A29-72C66C808A3F}"
[HKEY_CLASSES_ROOT\CLSID\{022F2F51-CDDA-4873-8A29-72C66C808A3F}]
2009-11-07 11:07 297808 ------w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{661963C1-99A1-44e7-A671-1CF3768AE9D4}"
[HKEY_CLASSES_ROOT\CLSID\{661963C1-99A1-44e7-A671-1CF3768AE9D4}]
2009-11-07 11:07 297808 ------w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-06 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-10-28 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-12-01 483420]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2008-12-01 471040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-28 13537280]
"nwiz"="nwiz.exe" [2008-08-28 1630208]
"NVHotkey"="nvHotkey.dll" [2008-08-28 90112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-28 86016]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-05-30 180224]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-05-14 105472]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2008-06-24 243000]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2008-06-24 79160]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2008-08-18 598016]
"DCPstrApp"="c:\program files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe" [2008-08-04 6656]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2008-10-01 1454080]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-07-11 1351680]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-07-11 1191936]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-10-17 442536]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-08 98304]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-14 49152]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-14 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2010-03-09 46368]
"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2010-03-09 29984]
"PPort12reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-06 62752]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2010-08-19 135168]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-05 462408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
c:\documents and settings\sshiigi\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-8-15 604776]
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2008-11-11 950048]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-4 53248]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 19:33 548352 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/26/2009 10:05 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/26/2009 10:05 AM 74480]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [5/15/2012 3:57 PM 21240]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [5/15/2012 3:57 PM 335224]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [10/26/2011 2:23 PM 101112]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [5/15/2012 3:57 PM 217976]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [5/3/2012 6:37 PM 1226096]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [4/19/2007 1:56 AM 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [9/4/2008 1:28 PM 406808]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [11/11/2008 12:35 PM 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [11/11/2008 12:35 PM 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [11/11/2008 11:00 AM 451872]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [5/9/2011 10:53 PM 10448]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/17/2011 6:39 PM 654408]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [3/9/2010 12:40 AM 144672]
R2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [12/19/2011 1:20 PM 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [5/15/2012 3:57 PM 77816]
R2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [10/1/2008 12:28 AM 90112]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2/27/2009 11:10 AM 112128]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2/22/2011 12:02 AM 71424]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2/22/2011 12:02 AM 11520]
R3 CCIDFILTER;Broadcom Smart Card Reader Filter Driver;c:\windows\system32\drivers\ccidflt.sys [2/27/2009 9:39 AM 12840]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2/27/2009 11:11 AM 32808]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2/27/2009 11:10 AM 244368]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [8/24/2010 7:30 AM 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [8/24/2010 7:30 AM 10448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/17/2011 6:39 PM 22344]
R3 OA001Afx;Provides a software interface to control audio effects of OA001 camera.;c:\windows\system32\drivers\OA001Afx.sys [2/27/2009 11:10 AM 134144]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2/27/2009 11:10 AM 133632]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2/27/2009 11:10 AM 281472]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [5/15/2012 3:57 PM 94584]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1c99ecddb6280e6;Google Update Service (gupdate1c99ecddb6280e6);c:\program files\Google\Update\GoogleUpdate.exe [3/6/2009 4:38 PM 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3/31/2012 8:50 AM 257696]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2/22/2011 12:00 AM 245760]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/6/2009 4:38 PM 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/26/2009 10:05 AM 7408]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [5/15/2012 3:57 PM 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [5/15/2012 3:57 PM 93816]
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-20 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
- c:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-05-04 04:37]
.
2012-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:00]
.
2012-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-07 02:38]
.
2012-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-07 02:38]
.
2012-05-23 c:\windows\Tasks\User_Feed_Synchronization-{FA4994F7-D9D9-49BE-BF8A-1123A84B76A0}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 14:31]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://members.naiglobal.com/Default.aspx
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: costar.com
Trusted Zone: intuit.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\sshiigi\Application Data\Mozilla\Firefox\Profiles\fu2922xy.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z007&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{0C8413C1-FAD1-446C-8584-BE50576F863E} - c:\program files\Search Toolbar\tbcore3.dll
WebBrowser-{0C8413C1-FAD1-446C-8584-BE50576F863E} - c:\program files\Search Toolbar\tbcore3.dll
Notify-NavLogon - (no file)
SafeBoot-klmdb.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-22 15:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1400)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\netprovcredman.dll
.
- - - - - - - > 'lsass.exe'(1456)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
- - - - - - - > 'explorer.exe'(5004)
c:\windows\system32\WININET.dll
c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll
c:\windows\system32\btmmhook.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\program files\Common Files\Roxio Shared\9.0\DLLShared\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\drivers\audio\r205445\stacsv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\Intel\WiFi\bin\WLKeeper.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\progra~1\AD-AWA~1\AdAware.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
.
**************************************************************************
.
Completion time: 2012-05-22 15:15:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-23 01:15
.
Pre-Run: 173,398,360,064 bytes free
Post-Run: 175,580,282,880 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - CC2079F0A545A5D25F441EA6FE5AB2B8


#12
MrCharlie

    Forum Deity

  • Experts
  • 17,514 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how it is, MrC

Malware Removal Expert




I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.

Thanks MrC & crew

#13
moonshadow56

    New Member

  • Members
  • 7 posts
MrC: We're running like a champ! Can I delete all from quarantine now?
Thanks, moonshadow56
==========

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
sshiigi :: DFB69GJ1 [administrator]

Protection: Enabled

5/23/2012 7:14:05 AM
mbam-log-2012-05-23 (07-14-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 323599
Time elapsed: 9 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


#14
MrCharlie

    Forum Deity

  • Experts
  • 17,514 posts
  • Gender:Male
  • Location:So. Plainfield, New Jersey, USA
That's Good News :)

Here's what to do.....

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.
This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Please download OTL from one of the links below:
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

-----------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


#15
Maurice Naggar

    Eradicator de logiciels malveillants

  • Moderators
  • 13,229 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention
Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
~Maurice Naggar

I close my threads if there is 5 days without a response.




