
Malwarebytes

Redirect Virus Strikes Again, and again, and again...


13 replies to this topic

#1
Alpo

    New Member

  • Members
  • 8 posts
Hello All! Newbie here. I have one of those redirect viruses hiding out in my compy. MBM finds one every day and kills it, as does Avira. Everything runs well for a while and then after an hour the virus pops up again. I read the sticky at the top of the forum, so here is my DDS:

Also, what exactly do you look for in these .txt files that helps you decide what route to take as far as choosing a cleaning solution?






.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by Geraldine at 21:55:44 on 2011-10-17
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\PSIService.exe
C:\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\n52te\n52teHid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\32788R22FWJFW\cmd.3XE
C:\32788R22FWJFW\handle.3XE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Documents and Settings\Geraldine\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ftaforall.net/forums
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: H - No File
BHO: {01c4a12c-6d67-45e5-a9b1-8add7a652dbd} - c:\documents and settings\geraldine\local settings\application data\TrayPTR.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: AhIeBho Class: {10384d0e-2bc1-48b6-844b-ad0e9e6d2511} - c:\program files\zoomtext 9.0\ahoi\ah_ie_bho.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: The Pirate Bay Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b313} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AdobeBridge]
uRun: [Yahoo! Pager] 1
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [cdloader] "c:\documents and settings\geraldine\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [MouseNotifierUpdate] rundll32.exe "c:\documents and settings\all users\application data\MouseNotifierUpdate.dll",DllRegisterServer
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"
mRun: [SoundMAXPnP] "c:\program files\analog devices\core\smax4pnp.exe"
mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] "c:\program files\common files\adobe\switchboard\SwitchBoard.exe"
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "c:\program files\nvidia corporation\nview\nwiz.exe" /installquiet
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Jomantha] "c:\program files\n52te\n52teHid.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzc5MzQ3MzAwLUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1YTzM2KzEtRjlNN0MrNS1GOU0xMEIrMi1YTzkrMS1GOU0yKzEtRERUKzQyOTQ5MzAyMzEtREQ5MEYrMS1TVDkwRkFQUCsxLUY5ME0xMkFUKzEtRjkwTTEyQSsxLUY5ME0xMkFCKzEtVTk1KzEtRjkwTTEyQVRCKzEtU1QxMkZPSSsxLVNUMTJGQVBQKzEtU1RGOTBNMTJBVUYrMQ"&"prod=90"&"ver=2012.0.1831"&"mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a
IE: &Search
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: motive.com\patttbc.att
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://fnse.homedns.org/RtspVaPgDec.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B9A8AA49-78A2-43C3-908A-64C759770C64} : DhcpNameServer = 192.168.1.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\geraldine\application data\mozilla\firefox\profiles\rm40auqb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Beeb9112c-4de0-4b18-ad3f-79bc14e4cd01%7D&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-10-14%2008%3A25%3A07&sap=ku&q=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\geraldine\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npEModelPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
.
============= SERVICES / DRIVERS ===============
.
R? CoordinatorServiceHost;SW Distributed TS Coordinator Service
R? gupdate1c9aa87a7727d98;Google Update Service (gupdate1c9aa87a7727d98)
R? gupdatem;Google Update Service (gupdatem)
R? JmtFltr;n52te
R? LiveTurbineMessageService;Turbine Message Service - Live
R? LiveTurbineNetworkService;Turbine Network Service - Live
R? lwwbkgs;lwwbkgs
R? MrFilter;EasyWrite Driver
R? msvsmon80;Visual Studio 2005 Remote Debugger
R? SwitchBoard;Adobe SwitchBoard
R? vrdvqt;vrdvqt
S? Ai2sXP;Ai2sXP
S? AntiVirSchedulerService;Avira Scheduler
S? AntiVirService;Avira Realtime Protection
S? avgntflt;avgntflt
S? avkmgr;avkmgr
S? TomTomHOMEService;TomTomHOMEService
.
=============== Created Last 30 ================
.
2011-10-15 06:19:40 141824 ----a-w- c:\documents and settings\all users\application data\MouseNotifierUpdate.dll
2011-10-14 17:40:19 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-14 17:40:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-14 15:56:22 -------- d-----w- c:\documents and settings\geraldine\application data\Avira
2011-10-14 15:56:01 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-14 15:56:01 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-14 15:56:00 -------- d-----w- c:\program files\Avira
2011-10-14 15:56:00 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-14 15:50:52 98816 ----a-w- c:\windows\sed.exe
2011-10-14 15:50:52 518144 ----a-w- c:\windows\SWREG.exe
2011-10-14 15:50:52 256000 ----a-w- c:\windows\PEV.exe
2011-10-14 15:50:52 208896 ----a-w- c:\windows\MBR.exe
2011-10-14 15:41:28 -------- d-----w- c:\documents and settings\geraldine\application data\Malwarebytes
2011-10-14 15:41:22 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-10-14 05:44:29 -------- d-----w- c:\documents and settings\geraldine\application data\AVG2012
2011-10-14 00:44:20 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2011-10-13 16:27:19 0 ---ha-w- c:\documents and settings\geraldine\dymvzoigtl.tmp
2011-10-07 19:04:21 -------- d-----w- C:\StarCraft II
.
==================== Find3M ====================
.
.
============= FINISH: 22:00:42.34 ===============




The Attach text is as follows:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/1/2007 7:46:49 PM
System Uptime: 10/16/2011 2:47:11 AM (44 hours ago)
.
Motherboard: Dell Inc. | | 0MD525
Processor: Intel® Pentium® 4 CPU 3.60GHz | Microprocessor | 3591/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 89 GiB total, 33.531 GiB free.
D: is FIXED (NTFS) - 74 GiB total, 35.72 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
I: is Removable
J: is Removable
N: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia E51
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia E51
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP1530: 10/3/2011 5:32:11 PM - System Checkpoint
RP1531: 10/4/2011 7:07:29 PM - System Checkpoint
RP1532: 10/5/2011 8:56:57 PM - System Checkpoint
RP1533: 10/6/2011 9:41:25 PM - System Checkpoint
RP1534: 10/7/2011 10:17:07 PM - System Checkpoint
RP1535: 10/8/2011 11:52:51 PM - System Checkpoint
RP1536: 10/9/2011 11:54:26 PM - System Checkpoint
RP1537: 10/11/2011 12:38:14 AM - System Checkpoint
RP1538: 10/11/2011 9:56:25 AM - Avg Update
RP1539: 10/12/2011 10:30:42 AM - System Checkpoint
RP1540: 10/13/2011 10:13:26 AM - Removed Ask Toolbar.
RP1541: 10/13/2011 10:20:17 AM - Removed Zune
RP1542: 10/13/2011 10:20:42 AM - Quitado Zune Language Pack (ES)
RP1543: 10/13/2011 10:20:55 AM - Supprimé Zune Language Pack (FR)
RP1544: 10/13/2011 10:24:00 AM - Installed AVG 2012
RP1545: 10/13/2011 10:25:24 AM - Removed AVG Free 9.0
RP1546: 10/13/2011 5:44:12 PM - Installed AVG 2012
RP1547: 10/13/2011 6:10:48 PM - Removed AVG 2012
RP1548: 10/13/2011 6:11:19 PM - Removed AVG 2012
RP1549: 10/13/2011 6:18:51 PM - Installed AVG 2012
RP1550: 10/13/2011 6:26:55 PM - Installed AVG 2012
RP1551: 10/13/2011 10:39:47 PM - Restore Operation
RP1552: 10/13/2011 10:42:37 PM - Restore Operation
RP1553: 10/13/2011 10:45:38 PM - Restore Operation
RP1554: 10/13/2011 10:47:05 PM - Removed AVG 2012
RP1555: 10/13/2011 10:47:29 PM - Removed AVG 2012
RP1556: 10/14/2011 8:06:40 AM - Removed Security Update for CAPICOM (KB931906)
RP1557: 10/14/2011 8:22:41 AM - Installed AVG 2012
RP1558: 10/14/2011 8:24:49 AM - Installed AVG 2012
RP1559: 10/14/2011 8:54:59 AM - Removed AVG 2012
RP1560: 10/14/2011 8:55:23 AM - Removed AVG 2012
RP1561: 10/15/2011 12:05:10 PM - System Checkpoint
RP1562: 10/16/2011 12:26:14 PM - System Checkpoint
.
==== Installed Programs ======================
.
.
µTorrent
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Illustrator CS5
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AT&T Yahoo! Applications
Avira Free Antivirus
Bonjour
Broadcom Gigabit Integrated Controller
BroadJump Client Foundation
Business PlanMaker
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CDisplay 1.8
ConvertHelper 2.2
Corel Paint Shop Pro Photo X2
Creative WebCam Instant Driver (1.01.02.0729)
Critical Update for Windows Media Player 11 (KB959772)
CutePDF Writer 2.8
Dell Resource CD
DiscAPI (Studio 10)
DivX Converter
DivX Plus DirectShow Filters
DivX Version Checker
Driver Detective
DWGeditor
EVGA OC Scanner 1.5.0
GameSpy Arcade
Google Chrome
Google Earth
Google Update Helper
Google Updater
HDClone 4 Free Edition
hereUareVoIP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Deskjet 3740
HP Software Update
i-PhoneHome
iTunes
Java Auto Updater
Java™ 6 Update 22
Java™ 6 Update 3
JD2 Tube Bend App.
Kurzweil 3000 v.11
Logitech SetPoint
magicJack
Malwarebytes' Anti-Malware version 1.51.2.1300
Mastercam X2 Demo
Medieval II Total War
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Halo
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2003 Web Components
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Motherboard Monitor 5
Move Media Player
Mozilla Firefox 6.0.2 (x86 en-US)
MSVC80_x86
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Musicmatch® Jukebox
n52te Editor
NBC Direct
Netflix Movie Viewer
Nokia Connectivity Cable Driver
Nokia Map Loader
Nokia PC Suite
NVIDIA Control Panel 266.58
NVIDIA Graphics Driver 266.58
NVIDIA Install Application
NVIDIA nTune
NVIDIA nView 135.50
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
PC Connectivity Solution
PDF Settings CS5
PhotoView 360
Pinnacle device drivers
Pinnacle Instant DVD Recorder
Portal
PowerISO
QuickTime
RAPID (Studio 10)
Roxio EasyWrite Reader
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Shockwave
Skype™ 4.2
SolidWorks 2010 SP0
SolidWorks eDrawings 2010
SolidWorks Explorer 2010 SP0
SoundMAX
Spotify
StarCraft II
Steam
Studio 10
The Rosetta Stone
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb2202131)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
Ventrilo Client
Veoh Web Player Beta
WebFldrs XP
WinAce Archiver
Windows Driver Package - Belkin (HidUsb) HIDClass (01/11/2007 1.0)
Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)
Windows Driver Package - Nokia Modem (03/05/2008 3.7)
Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
World of Warcraft
XML Paper Specification Shared Components Pack 1.0
ZoomText 9.0
.
==== Event Viewer Messages From Past Week ========
.
10/13/2011 6:43:28 PM, error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: Access is denied.
10/13/2011 6:43:28 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service WebrootSpySweeperService with arguments "" in order to run the server: {1281A68F-9E75-418F-B3AC-D5B23DD86408}
10/13/2011 6:39:16 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
10/13/2011 6:37:54 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: Access is denied.
10/13/2011 6:36:55 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'cdrom.sys' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
10/13/2011 6:30:22 PM, error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================


Thanks in advance

#2
jedi

    New Member

  • Experts
  • 17 posts
Hi,

Please update MBAM and run a quick scan. Please post that report here.

Next:

Please download TDSSKiller.zip and extract it to a folder on your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

jedi

#3
Alpo

    New Member

  • Members
  • 8 posts
Thanks, jedi! The mbam log is as follows: I'm gonna run TDSSKiller after this post.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7947

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/18/2011 9:59:45 AM
mbam-log-2011-10-18 (09-59-45).txt

Scan type: Quick scan
Objects scanned: 243586
Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4
Alpo

    New Member

  • Members
  • 8 posts
Here is the Report from TDSSkiller:


10:24:02.0218 2996 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
10:24:02.0750 2996 ============================================================
10:24:02.0750 2996 Current date / time: 2011/10/18 10:24:02.0750
10:24:02.0750 2996 SystemInfo:
10:24:02.0750 2996
10:24:02.0750 2996 OS Version: 5.1.2600 ServicePack: 3.0
10:24:02.0750 2996 Product type: Workstation
10:24:02.0750 2996 ComputerName: DINING-PC
10:24:02.0750 2996 UserName: Geraldine
10:24:02.0750 2996 Windows directory: C:\WINDOWS
10:24:02.0750 2996 System windows directory: C:\WINDOWS
10:24:02.0750 2996 Processor architecture: Intel x86
10:24:02.0750 2996 Number of processors: 2
10:24:02.0750 2996 Page size: 0x1000
10:24:02.0750 2996 Boot type: Normal boot
10:24:02.0750 2996 ============================================================
10:24:04.0187 2996 Initialize success
10:24:23.0953 1796 ============================================================
10:24:23.0953 1796 Scan started
10:24:23.0953 1796 Mode: Manual;
10:24:23.0953 1796 ============================================================
10:24:24.0453 1796 1a3d5dcb - ok
10:24:24.0484 1796 2WIREPCP (6551c1cf190df3e12c435a085987fba0) C:\WINDOWS\system32\DRIVERS\2WirePCP.sys
10:24:24.0484 1796 2WIREPCP - ok
10:24:24.0515 1796 Abiosdsk - ok
10:24:24.0531 1796 abp480n5 - ok
10:24:24.0562 1796 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:24:24.0562 1796 ACPI - ok
10:24:24.0593 1796 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:24:24.0593 1796 ACPIEC - ok
10:24:24.0609 1796 adpu160m - ok
10:24:24.0640 1796 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:24:24.0640 1796 aec - ok
10:24:24.0671 1796 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
10:24:24.0671 1796 AFD - ok
10:24:24.0703 1796 Aha154x - ok
10:24:24.0718 1796 Ai2sXP (470de747281cf6279ec8923f77712617) C:\WINDOWS\System32\drivers\Ai2sXP.sys
10:24:24.0718 1796 Ai2sXP - ok
10:24:24.0750 1796 aic78u2 - ok
10:24:24.0781 1796 aic78xx - ok
10:24:24.0796 1796 AliIde - ok
10:24:24.0828 1796 amsint - ok
10:24:24.0859 1796 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\Asapiw2k.sys
10:24:24.0859 1796 ASAPIW2K - ok
10:24:24.0890 1796 asc - ok
10:24:24.0906 1796 asc3350p - ok
10:24:24.0937 1796 asc3550 - ok
10:24:24.0968 1796 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:24:24.0968 1796 AsyncMac - ok
10:24:25.0000 1796 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:24:25.0000 1796 atapi - ok
10:24:25.0031 1796 Atdisk - ok
10:24:25.0046 1796 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:24:25.0046 1796 Atmarpc - ok
10:24:25.0078 1796 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:24:25.0078 1796 audstub - ok
10:24:25.0109 1796 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
10:24:25.0109 1796 avgntflt - ok
10:24:25.0140 1796 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\WINDOWS\system32\DRIVERS\avipbb.sys
10:24:25.0140 1796 avipbb - ok
10:24:25.0156 1796 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
10:24:25.0171 1796 avkmgr - ok
10:24:25.0187 1796 b57w2k (241474d01380e9ed41d4c07f4f5fd401) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
10:24:25.0187 1796 b57w2k - ok
10:24:25.0218 1796 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:24:25.0218 1796 Beep - ok
10:24:25.0250 1796 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:24:25.0250 1796 cbidf2k - ok
10:24:25.0281 1796 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:24:25.0281 1796 CCDECODE - ok
10:24:25.0312 1796 cd20xrnt - ok
10:24:25.0328 1796 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:24:25.0328 1796 Cdaudio - ok
10:24:25.0359 1796 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:24:25.0359 1796 Cdfs - ok
10:24:25.0390 1796 cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:24:25.0390 1796 cdrom - ok
10:24:25.0406 1796 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
10:24:25.0406 1796 cercsr6 - ok
10:24:25.0437 1796 Changer - ok
10:24:25.0468 1796 CmdIde - ok
10:24:25.0500 1796 Cpqarray - ok
10:24:25.0531 1796 dac2w2k - ok
10:24:25.0546 1796 dac960nt - ok
10:24:25.0578 1796 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:24:25.0578 1796 Disk - ok
10:24:25.0625 1796 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
10:24:25.0625 1796 dmboot - ok
10:24:25.0656 1796 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
10:24:25.0656 1796 dmio - ok
10:24:25.0687 1796 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:24:25.0687 1796 dmload - ok
10:24:25.0718 1796 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:24:25.0718 1796 DMusic - ok
10:24:25.0734 1796 dpti2o - ok
10:24:25.0765 1796 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:24:25.0765 1796 drmkaud - ok
10:24:25.0796 1796 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:24:25.0812 1796 Fastfat - ok
10:24:25.0828 1796 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
10:24:25.0828 1796 Fdc - ok
10:24:25.0859 1796 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
10:24:25.0859 1796 Fips - ok
10:24:25.0890 1796 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
10:24:25.0890 1796 Flpydisk - ok
10:24:25.0921 1796 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:24:25.0921 1796 FltMgr - ok
10:24:25.0953 1796 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:24:25.0953 1796 Fs_Rec - ok
10:24:25.0968 1796 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:24:25.0968 1796 Ftdisk - ok
10:24:26.0000 1796 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
10:24:26.0000 1796 GEARAspiWDM - ok
10:24:26.0031 1796 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:24:26.0031 1796 Gpc - ok
10:24:26.0062 1796 Hardlock (d64a40b94602158e40527ae95e7a9193) C:\WINDOWS\system32\drivers\hardlock.sys
10:24:26.0078 1796 Hardlock - ok
10:24:26.0109 1796 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:24:26.0109 1796 hidusb - ok
10:24:26.0125 1796 hpn - ok
10:24:26.0156 1796 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:24:26.0156 1796 HTTP - ok
10:24:26.0187 1796 i2omgmt - ok
10:24:26.0218 1796 i2omp - ok
10:24:26.0250 1796 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:24:26.0250 1796 Imapi - ok
10:24:26.0281 1796 ini910u - ok
10:24:26.0296 1796 IntelIde - ok
10:24:26.0328 1796 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:24:26.0328 1796 intelppm - ok
10:24:26.0359 1796 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:24:26.0359 1796 Ip6Fw - ok
10:24:26.0375 1796 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:24:26.0390 1796 IpFilterDriver - ok
10:24:26.0406 1796 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:24:26.0406 1796 IpInIp - ok
10:24:26.0437 1796 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:24:26.0437 1796 IpNat - ok
10:24:26.0468 1796 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:24:26.0468 1796 IPSec - ok
10:24:26.0500 1796 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:24:26.0500 1796 IRENUM - ok
10:24:26.0515 1796 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:24:26.0515 1796 isapnp - ok
10:24:26.0546 1796 JmtFltr (78cc22326e584d2c02e1ab8b38dbb00f) C:\WINDOWS\system32\Drivers\JmtFltr.sys
10:24:26.0546 1796 JmtFltr - ok
10:24:26.0578 1796 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:24:26.0578 1796 Kbdclass - ok
10:24:26.0609 1796 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:24:26.0609 1796 kbdhid - ok
10:24:26.0625 1796 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:24:26.0625 1796 kmixer - ok
10:24:26.0656 1796 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:24:26.0656 1796 KSecDD - ok
10:24:26.0687 1796 lbrtfdc - ok
10:24:26.0718 1796 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
10:24:26.0718 1796 LHidKe - ok
10:24:26.0750 1796 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
10:24:26.0750 1796 LMouKE - ok
10:24:26.0781 1796 lwwbkgs - ok
10:24:26.0796 1796 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
10:24:26.0812 1796 MarvinBus - ok
10:24:26.0828 1796 mbmiodrvr (290fb01f7f51eff0960599404a09f8d6) C:\WINDOWS\system32\mbmiodrvr.sys
10:24:26.0828 1796 mbmiodrvr - ok
10:24:26.0859 1796 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:24:26.0859 1796 mnmdd - ok
10:24:26.0890 1796 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
10:24:26.0890 1796 Modem - ok
10:24:26.0921 1796 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
10:24:26.0921 1796 motmodem - ok
10:24:26.0937 1796 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:24:26.0953 1796 Mouclass - ok
10:24:26.0968 1796 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:24:26.0968 1796 mouhid - ok
10:24:27.0000 1796 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:24:27.0000 1796 MountMgr - ok
10:24:27.0015 1796 mraid35x - ok
10:24:27.0031 1796 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:24:27.0031 1796 MREMP50 - ok
10:24:27.0031 1796 MREMP50a64 - ok
10:24:27.0046 1796 MREMPR5 - ok
10:24:27.0046 1796 MRENDIS5 - ok
10:24:27.0046 1796 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:24:27.0062 1796 MRESP50 - ok
10:24:27.0062 1796 MRESP50a64 - ok
10:24:27.0093 1796 MrFilter (ae3c9fe5449eff5522d5688a1da5d08d) C:\WINDOWS\system32\drivers\MrFilter.sys
10:24:27.0093 1796 MrFilter - ok
10:24:27.0109 1796 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:24:27.0109 1796 MRxDAV - ok
10:24:27.0140 1796 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:24:27.0156 1796 MRxSmb - ok
10:24:27.0187 1796 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:24:27.0187 1796 Msfs - ok
10:24:27.0203 1796 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:24:27.0203 1796 MSKSSRV - ok
10:24:27.0234 1796 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:24:27.0234 1796 MSPCLOCK - ok
10:24:27.0265 1796 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:24:27.0265 1796 MSPQM - ok
10:24:27.0281 1796 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:24:27.0281 1796 mssmbios - ok
10:24:27.0312 1796 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
10:24:27.0312 1796 MSTEE - ok
10:24:27.0343 1796 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
10:24:27.0343 1796 Mup - ok
10:24:27.0375 1796 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:24:27.0375 1796 NABTSFEC - ok
10:24:27.0406 1796 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:24:27.0406 1796 NDIS - ok
10:24:27.0421 1796 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:24:27.0437 1796 NdisIP - ok
10:24:27.0453 1796 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:24:27.0453 1796 NdisTapi - ok
10:24:27.0484 1796 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:24:27.0484 1796 Ndisuio - ok
10:24:27.0500 1796 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:24:27.0515 1796 NdisWan - ok
10:24:27.0531 1796 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
10:24:27.0531 1796 NDProxy - ok
10:24:27.0562 1796 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:24:27.0562 1796 NetBIOS - ok
10:24:27.0593 1796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:24:27.0593 1796 NetBT - ok
10:24:27.0625 1796 NetworkX (32d13224ec94423c9fa35c21b0de03f0) C:\WINDOWS\system32\ckldrv.sys
10:24:27.0625 1796 NetworkX - ok
10:24:27.0656 1796 nmwcd (65ac8baa2f916ee9203ee48d7fcee605) C:\WINDOWS\system32\drivers\ccdcmb.sys
10:24:27.0656 1796 nmwcd - ok
10:24:27.0687 1796 nmwcdc (29af182734a247240d89a0fe63dbef03) C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:24:27.0687 1796 nmwcdc - ok
10:24:27.0703 1796 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:24:27.0703 1796 Npfs - ok
10:24:27.0734 1796 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:24:27.0750 1796 Ntfs - ok
10:24:27.0781 1796 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:24:27.0781 1796 Null - ok
10:24:27.0921 1796 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:24:28.0015 1796 nv - ok
10:24:28.0031 1796 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys
10:24:28.0031 1796 NVR0Dev - ok
10:24:28.0062 1796 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:24:28.0062 1796 NwlnkFlt - ok
10:24:28.0093 1796 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:24:28.0093 1796 NwlnkFwd - ok
10:24:28.0125 1796 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
10:24:28.0125 1796 Parport - ok
10:24:28.0156 1796 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:24:28.0156 1796 PartMgr - ok
10:24:28.0171 1796 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:24:28.0171 1796 ParVdm - ok
10:24:28.0203 1796 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:24:28.0203 1796 pccsmcfd - ok
10:24:28.0234 1796 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
10:24:28.0234 1796 PCI - ok
10:24:28.0265 1796 PCIDump - ok
10:24:28.0281 1796 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:24:28.0281 1796 PCIIde - ok
10:24:28.0312 1796 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
10:24:28.0312 1796 PCLEPCI - ok
10:24:28.0343 1796 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:24:28.0343 1796 Pcmcia - ok
10:24:28.0359 1796 PD0620VID (4431f2fa27f56f4bc654b0af5810cc91) C:\WINDOWS\system32\DRIVERS\P0620Vid.sys
10:24:28.0375 1796 PD0620VID - ok
10:24:28.0390 1796 PDCOMP - ok
10:24:28.0421 1796 PDFRAME - ok
10:24:28.0437 1796 PDRELI - ok
10:24:28.0468 1796 PDRFRAME - ok
10:24:28.0500 1796 perc2 - ok
10:24:28.0515 1796 perc2hib - ok
10:24:28.0562 1796 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:24:28.0562 1796 PptpMiniport - ok
10:24:28.0593 1796 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:24:28.0593 1796 PSched - ok
10:24:28.0609 1796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:24:28.0625 1796 Ptilink - ok
10:24:28.0640 1796 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:24:28.0640 1796 PxHelp20 - ok
10:24:28.0671 1796 ql1080 - ok
10:24:28.0687 1796 Ql10wnt - ok
10:24:28.0718 1796 ql12160 - ok
10:24:28.0750 1796 ql1240 - ok
10:24:28.0765 1796 ql1280 - ok
10:24:28.0796 1796 QV2KUX (0087f01d35a65b32393cc8bba46ee4a6) C:\WINDOWS\system32\DRIVERS\qv2kux.sys
10:24:28.0796 1796 QV2KUX - ok
10:24:28.0828 1796 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:24:28.0828 1796 RasAcd - ok
10:24:28.0859 1796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:24:28.0859 1796 Rasl2tp - ok
10:24:28.0875 1796 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:24:28.0890 1796 RasPppoe - ok
10:24:28.0906 1796 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:24:28.0906 1796 Raspti - ok
10:24:28.0937 1796 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:24:28.0937 1796 Rdbss - ok
10:24:28.0968 1796 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:24:28.0968 1796 RDPCDD - ok
10:24:29.0000 1796 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:24:29.0000 1796 rdpdr - ok
10:24:29.0031 1796 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
10:24:29.0031 1796 RDPWD - ok
10:24:29.0062 1796 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:24:29.0062 1796 redbook - ok
10:24:29.0093 1796 SCDEmu (612a3d69e603dbbe5c3c1079186a0393) C:\WINDOWS\system32\drivers\SCDEmu.sys
10:24:29.0093 1796 SCDEmu - ok
10:24:29.0125 1796 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:24:29.0125 1796 Secdrv - ok
10:24:29.0171 1796 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
10:24:29.0171 1796 senfilt - ok
10:24:29.0203 1796 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:24:29.0203 1796 serenum - ok
10:24:29.0234 1796 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:24:29.0234 1796 Serial - ok
10:24:29.0265 1796 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:24:29.0265 1796 Sfloppy - ok
10:24:29.0296 1796 Simbad - ok
10:24:29.0328 1796 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:24:29.0328 1796 SLIP - ok
10:24:29.0359 1796 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
10:24:29.0359 1796 smwdm - ok
10:24:29.0375 1796 Sparrow - ok
10:24:29.0406 1796 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:24:29.0406 1796 splitter - ok
10:24:29.0437 1796 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:24:29.0437 1796 sr - ok
10:24:29.0468 1796 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
10:24:29.0484 1796 Srv - ok
10:24:29.0500 1796 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys
10:24:29.0500 1796 SSKBFD - ok
10:24:29.0531 1796 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
10:24:29.0531 1796 ssmdrv - ok
10:24:29.0562 1796 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
10:24:29.0562 1796 StillCam - ok
10:24:29.0593 1796 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:24:29.0593 1796 streamip - ok
10:24:29.0609 1796 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:24:29.0609 1796 swenum - ok
10:24:29.0640 1796 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:24:29.0640 1796 swmidi - ok
10:24:29.0671 1796 symc810 - ok
10:24:29.0703 1796 symc8xx - ok
10:24:29.0718 1796 sym_hi - ok
10:24:29.0750 1796 sym_u3 - ok
10:24:29.0781 1796 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:24:29.0781 1796 sysaudio - ok
10:24:29.0812 1796 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:24:29.0812 1796 Tcpip - ok
10:24:29.0843 1796 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:24:29.0843 1796 TDPIPE - ok
10:24:29.0875 1796 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:24:29.0875 1796 TDTCP - ok
10:24:29.0890 1796 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:24:29.0890 1796 TermDD - ok
10:24:29.0937 1796 TosIde - ok
10:24:29.0968 1796 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:24:29.0968 1796 Udfs - ok
10:24:29.0984 1796 ultra - ok
10:24:30.0015 1796 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:24:30.0031 1796 Update - ok
10:24:30.0046 1796 upperdev (2522747ba661514e3770e508cce45b64) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:24:30.0046 1796 upperdev - ok
10:24:30.0078 1796 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
10:24:30.0078 1796 USBAAPL - ok
10:24:30.0109 1796 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
10:24:30.0109 1796 usbaudio - ok
10:24:30.0140 1796 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:24:30.0140 1796 usbccgp - ok
10:24:30.0171 1796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:24:30.0171 1796 usbehci - ok
10:24:30.0187 1796 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:24:30.0187 1796 usbhub - ok
10:24:30.0218 1796 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:24:30.0218 1796 usbprint - ok
10:24:30.0250 1796 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:24:30.0250 1796 usbscan - ok
10:24:30.0281 1796 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
10:24:30.0281 1796 usbser - ok
10:24:30.0296 1796 UsbserFilt (8aa5f86a6c3b3234beed9556d145bfac) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:24:30.0296 1796 UsbserFilt - ok
10:24:30.0328 1796 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:24:30.0328 1796 USBSTOR - ok
10:24:30.0359 1796 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:24:30.0359 1796 usbuhci - ok
10:24:30.0375 1796 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
10:24:30.0375 1796 usb_rndisx - ok
10:24:30.0406 1796 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:24:30.0406 1796 VgaSave - ok
10:24:30.0437 1796 vhidmini (dffab3374f554977c4bb1b575a7b6502) C:\WINDOWS\system32\DRIVERS\vhidmini.sys
10:24:30.0437 1796 vhidmini - ok
10:24:30.0468 1796 ViaIde - ok
10:24:30.0484 1796 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:24:30.0484 1796 VolSnap - ok
10:24:30.0515 1796 vrdvqt - ok
10:24:30.0546 1796 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:24:30.0546 1796 Wanarp - ok
10:24:30.0578 1796 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:24:30.0593 1796 Wdf01000 - ok
10:24:30.0609 1796 WDICA - ok
10:24:30.0640 1796 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:24:30.0640 1796 wdmaud - ok
10:24:30.0687 1796 WISTechVIDCAP (797454446c66ecdca790677f223d1e20) C:\WINDOWS\system32\drivers\wisgostrm.sys
10:24:30.0687 1796 WISTechVIDCAP - ok
10:24:30.0718 1796 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:24:30.0718 1796 WpdUsb - ok
10:24:30.0750 1796 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:24:30.0750 1796 WSTCODEC - ok
10:24:30.0781 1796 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:24:30.0781 1796 WudfPf - ok
10:24:30.0812 1796 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:24:30.0812 1796 WudfRd - ok
10:24:30.0843 1796 zumbus (21a96535dd0a118d5663e5adc5c90f9e) C:\WINDOWS\system32\DRIVERS\zumbus.sys
10:24:30.0843 1796 zumbus - ok
10:24:30.0859 1796 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:24:30.0921 1796 \Device\Harddisk0\DR0 - ok
10:24:30.0921 1796 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
10:24:30.0921 1796 \Device\Harddisk1\DR1 - ok
10:24:30.0921 1796 Boot (0x1200) (4b2ef833625393d80776e7cddc63f725) \Device\Harddisk0\DR0\Partition0
10:24:30.0921 1796 \Device\Harddisk0\DR0\Partition0 - ok
10:24:30.0937 1796 Boot (0x1200) (60e7be93ee554562e8bd2b8f9f2845ca) \Device\Harddisk1\DR1\Partition0
10:24:30.0937 1796 \Device\Harddisk1\DR1\Partition0 - ok
10:24:30.0937 1796 ============================================================
10:24:30.0937 1796 Scan finished
10:24:30.0937 1796 ============================================================
10:24:30.0937 1660 Detected object count: 0
10:24:30.0937 1660 Actual detected object count: 0
10:24:55.0531 1548 ============================================================
10:24:55.0531 1548 Scan started
10:24:55.0531 1548 Mode: Manual; SigCheck; TDLFS;
10:24:55.0531 1548 ============================================================
10:24:55.0968 1548 1a3d5dcb - ok
10:24:55.0984 1548 2WIREPCP (6551c1cf190df3e12c435a085987fba0) C:\WINDOWS\system32\DRIVERS\2WirePCP.sys
10:24:59.0000 1548 2WIREPCP - ok
10:24:59.0015 1548 Abiosdsk - ok
10:24:59.0046 1548 abp480n5 - ok
10:24:59.0078 1548 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:24:59.0312 1548 ACPI - ok
10:24:59.0343 1548 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:24:59.0453 1548 ACPIEC - ok
10:24:59.0484 1548 adpu160m - ok
10:24:59.0500 1548 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:24:59.0625 1548 aec - ok
10:24:59.0640 1548 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
10:24:59.0671 1548 AFD - ok
10:24:59.0687 1548 Aha154x - ok
10:24:59.0718 1548 Ai2sXP (470de747281cf6279ec8923f77712617) C:\WINDOWS\System32\drivers\Ai2sXP.sys
10:24:59.0718 1548 Ai2sXP ( UnsignedFile.Multi.Generic ) - warning
10:24:59.0718 1548 Ai2sXP - detected UnsignedFile.Multi.Generic (1)
10:24:59.0750 1548 aic78u2 - ok
10:24:59.0765 1548 aic78xx - ok
10:24:59.0796 1548 AliIde - ok
10:24:59.0828 1548 amsint - ok
10:24:59.0859 1548 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\Asapiw2k.sys
10:24:59.0859 1548 ASAPIW2K ( UnsignedFile.Multi.Generic ) - warning
10:24:59.0859 1548 ASAPIW2K - detected UnsignedFile.Multi.Generic (1)
10:24:59.0890 1548 asc - ok
10:24:59.0906 1548 asc3350p - ok
10:24:59.0937 1548 asc3550 - ok
10:24:59.0968 1548 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:25:00.0078 1548 AsyncMac - ok
10:25:00.0109 1548 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:25:00.0218 1548 atapi - ok
10:25:00.0250 1548 Atdisk - ok
10:25:00.0265 1548 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:25:00.0375 1548 Atmarpc - ok
10:25:00.0406 1548 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:25:00.0515 1548 audstub - ok

#5
Alpo

By the way, what are you looking for? Avira found another 2 viruses about 20 minutes ago.

#6
jedi

    New Member

  • Experts
  • 17 posts
Hi again,

Quote: "By the way, what are you looking for?"

I'm looking for the cause of the redirects. :)

Quote: "Everything runs well for a while and then after an hour the virus pops up again."

Can you be more specific? Please describe exactly what is happening.

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

jedi

#7
Alpo

Hey Jedi,

While ComboFix was running, it found a rootkit. I think it was zeroaccess. something. Anyway, ComboFix said it would go ahead and take care of the problem. Here's the log:


c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\chrome\xulcache.jar
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\defaults\preferences\xulcache.js
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\install.rdf
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\chrome.manifest
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\chrome\xulcache.jar
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\defaults\preferences\xulcache.js
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\install.rdf
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome.manifest
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome\xulcache.jar
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\defaults\preferences\xulcache.js
c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\install.rdf
c:\windows\$NtUninstallKB47113$
c:\windows\$NtUninstallKB47113$\1822774291
c:\windows\$NtUninstallKB47113$\440229323\@
c:\windows\$NtUninstallKB47113$\440229323\bckfg.tmp
c:\windows\$NtUninstallKB47113$\440229323\cfg.ini
c:\windows\$NtUninstallKB47113$\440229323\Desktop.ini
c:\windows\$NtUninstallKB47113$\440229323\keywords
c:\windows\$NtUninstallKB47113$\440229323\kwrd.dll
c:\windows\$NtUninstallKB47113$\440229323\L\mroazbgx
c:\windows\$NtUninstallKB47113$\440229323\lsflt7.ver
c:\windows\$NtUninstallKB47113$\440229323\U\00000001.@
c:\windows\$NtUninstallKB47113$\440229323\U\00000002.@
c:\windows\$NtUninstallKB47113$\440229323\U\80000000.@
c:\windows\$NtUninstallKB47113$\440229323\U\80000032.@
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf
c:\windows\jestertb.dll
c:\windows\system32\CddbCdda.dll
c:\windows\system32\d3d9caps.dat
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_1a3d5dcb
.
.
((((((((((((((((((((((((( Files Created from 2011-09-18 to 2011-10-18 )))))))))))))))))))))))))))))))
.
.
2011-10-16 15:22 . 2011-10-16 15:22 -------- d-----w- c:\documents and settings\Migi\Application Data\Avira
2011-10-14 17:40 . 2011-10-14 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-14 17:40 . 2011-09-01 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\documents and settings\Geraldine\Application Data\Avira
2011-10-14 15:56 . 2011-09-18 15:39 134344 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-14 15:56 . 2011-09-16 06:55 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-14 15:56 . 2011-09-16 06:55 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\program files\Avira
2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-10-14 15:41 . 2011-10-14 15:41 -------- d-----w- c:\documents and settings\Geraldine\Application Data\Malwarebytes
2011-10-14 15:41 . 2011-10-14 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-10-14 05:44 . 2011-10-14 05:44 -------- d-----w- c:\documents and settings\Geraldine\Application Data\AVG2012
2011-10-14 00:44 . 2011-10-14 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2011-10-13 17:18 . 2011-10-13 17:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
2011-10-07 19:04 . 2011-10-07 19:10 -------- d-----w- C:\StarCraft II
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 22:52 . 2011-03-25 01:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="1" [X]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-05 81920]
"cdloader"="c:\documents and settings\Geraldine\Application Data\mjusbsp\cdloader2.exe" [2011-08-23 50592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2005-07-23 172032]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-07-23 49152]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"Jomantha"="c:\program files\n52te\n52teHid.exe" [2008-06-13 159744]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-09-23 258512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzc5MzQ3MzAwLUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1YTzM2KzEtRjlNN0MrNS1GOU0xMEIrMi1YTzkrMS1GOU0yKzEtRERUKzQyOTQ5MzAyMzEtREQ5MEYrMS1TVDkwRkFQUCsxLUY5ME0xMkFUKzEtRjkwTTEyQSsxLUY5ME0xMkFCKzEtVTk1KzEtRjkwTTEyQVRCKzEtU1QxMkZPSSsxLVNUMTJGQVBQKzEtU1RGOTBNMTJBVUYrMQ&prod=90&ver=2012.0.1831&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a" [?]
.
c:\documents and settings\Geraldine\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
2002-09-11 04:26 368706 ----a-w- c:\program files\BroadJump\Client Foundation\CFD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 23:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-05-20 21:46 28160 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 23:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"d:\\Program Files\\Steam\\steamapps\\chucez\\team fortress classic\\hl.exe"=
"d:\\Program Files\\Steam\\steamapps\\chucez\\half-life\\hl.exe"=
"d:\\Program Files\\Steam\\steamapps\\chucez\\counter-strike\\hl.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\hereUareVoIP\\hereUareVoIP\\MyPhone.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\i-PhoneHome\\i-PhoneHome\\MyPhone.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\StarCraft II\\Versions\\Base19679\\SC2.exe"=
"c:\\Documents and Settings\\Geraldine\\Application Data\\mjusbsp\\magicJack.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Battle.net wc3
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 MrFilter;EasyWrite Driver;c:\windows\system32\drivers\MRFilter.sys [10/2/2007 1:38 PM 14592]
R1 Ai2sXP;Ai2sXP;c:\windows\system32\drivers\Ai2sXP.sys [10/1/2007 7:56 PM 7296]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10/14/2011 8:56 AM 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/14/2011 8:56 AM 86224]
R2 TomTomHOMEService;TomTomHOMEService;c:\tomtom home 2\TomTomHOMEService.exe [11/13/2009 4:31 AM 92008]
S0 lwwbkgs;lwwbkgs;c:\windows\system32\drivers\wvohewe.sys --> c:\windows\system32\drivers\wvohewe.sys [?]
S0 vrdvqt;vrdvqt;c:\windows\system32\drivers\mtxok.sys --> c:\windows\system32\drivers\mtxok.sys [?]
S2 gupdate1c9aa87a7727d98;Google Update Service (gupdate1c9aa87a7727d98);c:\program files\Google\Update\GoogleUpdate.exe [3/21/2009 5:46 PM 133104]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;"l:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe" --> l:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/21/2009 5:46 PM 133104]
S3 JmtFltr;n52te;c:\windows\system32\drivers\JmtFltr.sys [5/1/2011 2:59 PM 48896]
S3 LiveTurbineMessageService;Turbine Message Service - Live;"l:\program files\Turbine\Turbine Download Manager\TurbineMessageService.exe" --> l:\program files\Turbine\Turbine Download Manager\TurbineMessageService.exe [?]
S3 LiveTurbineNetworkService;Turbine Network Service - Live;"l:\program files\Turbine\Turbine Download Manager\TurbineNetworkService.exe" --> l:\program files\Turbine\Turbine Download Manager\TurbineNetworkService.exe [?]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 8:01 AM 2799808]
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-17 c:\windows\Tasks\AdobeAAMUpdater-1.0-DINING-PC-Jun.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-19 10:44]
.
2011-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
2011-10-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 20:38]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 00:46]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 00:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ftaforall.net/forums
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: motive.com\patttbc.att
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://fnse.homedns.org/RtspVaPgDec.cab
FF - ProfilePath - c:\documents and settings\Geraldine\Application Data\Mozilla\Firefox\Profiles\rm40auqb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Beeb9112c-4de0-4b18-ad3f-79bc14e4cd01%7D&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-10-14%2008%3A25%3A07&sap=ku&q=
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{01C4A12C-6D67-45E5-A9B1-8ADD7A652DBd} - c:\documents and settings\Geraldine\Local Settings\Application Data\TrayPTR.dll
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-MouseNotifierUpdate - (no file)
HKLM-Run-ATT-SST_McciTrayApp - c:\program files\ATT-SST\McciTrayApp.exe
Notify-NavLogon - (no file)
MSConfigStartUp-PCLEUSBTip - c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
MSConfigStartUp-YBrowser - c:\progra~1\Yahoo!\browser\ybrwicon.exe
MSConfigStartUp-Zune Launcher - c:\program files\Zune\ZuneLauncher.exe
AddRemove-Halo - d:\program files\Microsoft Games\Halo\UNINSTAL.EXE
AddRemove-SBC Self Support Tool - c:\docume~1\GERALD~1\LOCALS~1\Temp\SST\CustomUninstall.exe
AddRemove-Steam App 400 - l:\program files\Steam\steam.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-18 14:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(552)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng-us.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\PSIService.exe
c:\program files\HP\hpcoretech\comp\hptskmgr.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2011-10-18 14:16:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-18 21:16
.
Pre-Run: 35,702,226,944 bytes free
Post-Run: 38,519,365,632 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 6C3FC1A47BB2D75F10BF35866C69D9DF

#8
Alpo

    New Member

  • Members
  • Pip
  • 8 posts
Well, it seems like everything is ok. I think the rootkit was erased. I looked through the logs and it looks as though there's nothing left. Unfortunately my eye is untrained. If you see anything, let me know. Thanks so much for your help, Jedi!

#9
jedi

    New Member

  • Experts
  • Pip
  • 17 posts
Hi again,

Quote

While combofix was running, it found a rootkit. I think it was zeroaccess.
ZeroAccess is a common redirect infection at the moment, and it does look like Combofix has taken care of it. I do suggest you run an on-line scan to pick up any potential left-overs:

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
jedi :)

#10
Alpo

    New Member

  • Members
  • Pip
  • 8 posts
Well it looks like ESET found more virii. Here's the log:

Thanks!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=68e853c5baf8cc469234776a1f76fef3
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-19 07:55:59
# local_time=2011-10-19 12:55:59 (-0800, Pacific Daylight Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777215 100 0 436894 436894 0 0
# compatibility_mode=1792 16777175 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=66510
# found=7
# cleaned=7
# scan_time=4224
C:\Documents and Settings\All Users\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\10\2f84494a-4ef2d65f Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\15\51660c8f-66f5131f Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\45\d81016d-34a5ed6c Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Geraldine\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Jun\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

#11
jedi

    New Member

  • Experts
  • Pip
  • 17 posts
Hi again,

I don't see any evidence there are any active infections remaining, but I suggest you update your definitions for MBAM and Avira and run a full scan with each, just to be safe.

When you have done so please let me know how your PC is running. If there are any remaining issues please describe them.

Also:

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

jedi

#12
Alpo

    New Member

  • Members
  • Pip
  • 8 posts
Here's the check up:

So far so good. :D Thanks, Jedi!

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira Free Antivirus
ESET Online Scanner v3
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 22
Java™ 6 Update 3
Out of date Java installed!
Adobe Flash Player ( 10.3.181.14) Flash Player Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

#13
jedi

    New Member

  • Experts
  • Pip
  • 17 posts
Hi again,

You're welcome. The Security Check results are fairly self-explanatory: you need to keep peripheral software updated, as it's an infection vector for malware.

JavaRa will deal with the out-of-date Java:

Please download JavaRa and unzip it to your Desktop.
http://raproducts.or...dpress/software

Double click JavaRa.exe then click Remove Older Versions.

Follow any prompts.

Next, select Search For Updates.

Select Update Using Sun Java's Website --> Search, and continue the instructions for downloading and installing the latest Java version.

Flash Player can be updated here:
http://get.adobe.com/flashplayer/

I recommend Secunia for keeping software up-to-date, either with a regular scan with Secunia OSI or by installing Secunia PSI. It takes all the effort out of keeping everything updated.

It looks like you're clear of Malware. I'm glad we were able to help. :)

jedi

#14
LDTate

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 20,070 posts
  • Gender:Male
  • Location:Missouri, USA
Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Larry Tate
Consumer Support Specialist
