Alpo

Redirect Virus Strikes Again, and again, and again...

14 posts in this topic

Hello All! Newbie here. I have one of those redirect viruses hiding out in my compy. MBM finds one every day and kills it, as does Avira. Everything runs well for a while and then after an hour the virus pops up again. I read the sticky at the top of the forum so here is my DDS:

Also, what exactly do you look for in these .txt files that helps you decide what route to take as far as choosing a cleaning solution?

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Run by Geraldine at 21:55:44 on 2011-10-17

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\crypserv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\PSIService.exe

C:\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\n52te\n52teHid.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\msdtc.exe

C:\32788R22FWJFW\cmd.3XE

C:\32788R22FWJFW\handle.3XE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wuauclt.exe

c:\program files\avira\antivir desktop\avcenter.exe

C:\Documents and Settings\Geraldine\Desktop\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ftaforall.net/forums

uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com

uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

mURLSearchHooks: H - No File

BHO: {01c4a12c-6d67-45e5-a9b1-8add7a652dbd} - c:\documents and settings\geraldine\local settings\application data\TrayPTR.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: AhIeBho Class: {10384d0e-2bc1-48b6-844b-ad0e9e6d2511} - c:\program files\zoomtext 9.0\ahoi\ah_ie_bho.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

TB: The Pirate Bay Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b313} -

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [AdobeBridge]

uRun: [Yahoo! Pager] 1

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear

uRun: [cdloader] "c:\documents and settings\geraldine\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [MouseNotifierUpdate] rundll32.exe "c:\documents and settings\all users\application data\MouseNotifierUpdate.dll",DllRegisterServer

mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"

mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe

mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"

mRun: [soundMAXPnP] "c:\program files\analog devices\core\smax4pnp.exe"

mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe

mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] "c:\program files\common files\adobe\switchboard\SwitchBoard.exe"

mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] "c:\program files\nvidia corporation\nview\nwiz.exe" /installquiet

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Jomantha] "c:\program files\n52te\n52teHid.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzc5MzQ3MzAwLUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1YTzM2KzEtRjlNN0MrNS1GOU0xMEIrMi1YTzkrMS1GOU0yKzEtRERUKzQyOTQ5MzAyMzEtREQ5MEYrMS1TVDkwRkFQUCsxLUY5ME0xMkFUKzEtRjkwTTEyQSsxLUY5ME0xMkFCKzEtVTk1KzEtRjkwTTEyQVRCKzEtU1QxMkZPSSsxLVNUMTJGQVBQKzEtU1RGOTBNMTJBVUYrMQ"&"prod=90"&"ver=2012.0.1831"&"mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a

IE: &Search

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

Trusted Zone: motive.com\patttbc.att

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://fnse.homedns.org/RtspVaPgDec.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{B9A8AA49-78A2-43C3-908A-64C759770C64} : DhcpNameServer = 192.168.1.1

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\geraldine\application data\mozilla\firefox\profiles\rm40auqb.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Beeb9112c-4de0-4b18-ad3f-79bc14e4cd01%7D&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-10-14%2008%3A25%3A07&sap=ku&q=

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\documents and settings\geraldine\application data\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npEModelPlugin.dll

FF - plugin: c:\program files\veetle\player\npvlc.dll

FF - plugin: c:\program files\veetle\plugins\npVeetle.dll

FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll

FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll

FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll

.

============= SERVICES / DRIVERS ===============

.

R? CoordinatorServiceHost;SW Distributed TS Coordinator Service

R? gupdate1c9aa87a7727d98;Google Update Service (gupdate1c9aa87a7727d98)

R? gupdatem;Google Update Service (gupdatem)

R? JmtFltr;n52te

R? LiveTurbineMessageService;Turbine Message Service - Live

R? LiveTurbineNetworkService;Turbine Network Service - Live

R? lwwbkgs;lwwbkgs

R? MrFilter;EasyWrite Driver

R? msvsmon80;Visual Studio 2005 Remote Debugger

R? SwitchBoard;Adobe SwitchBoard

R? vrdvqt;vrdvqt

S? Ai2sXP;Ai2sXP

S? AntiVirSchedulerService;Avira Scheduler

S? AntiVirService;Avira Realtime Protection

S? avgntflt;avgntflt

S? avkmgr;avkmgr

S? TomTomHOMEService;TomTomHOMEService

.

=============== Created Last 30 ================

.

2011-10-15 06:19:40 141824 ----a-w- c:\documents and settings\all users\application data\MouseNotifierUpdate.dll

2011-10-14 17:40:19 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-14 17:40:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-14 15:56:22 -------- d-----w- c:\documents and settings\geraldine\application data\Avira

2011-10-14 15:56:01 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-10-14 15:56:01 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2011-10-14 15:56:00 -------- d-----w- c:\program files\Avira

2011-10-14 15:56:00 -------- d-----w- c:\documents and settings\all users\application data\Avira

2011-10-14 15:50:52 98816 ----a-w- c:\windows\sed.exe

2011-10-14 15:50:52 518144 ----a-w- c:\windows\SWREG.exe

2011-10-14 15:50:52 256000 ----a-w- c:\windows\PEV.exe

2011-10-14 15:50:52 208896 ----a-w- c:\windows\MBR.exe

2011-10-14 15:41:28 -------- d-----w- c:\documents and settings\geraldine\application data\Malwarebytes

2011-10-14 15:41:22 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-10-14 05:44:29 -------- d-----w- c:\documents and settings\geraldine\application data\AVG2012

2011-10-14 00:44:20 -------- d-----w- c:\documents and settings\all users\application data\AVG2012

2011-10-13 16:27:19 0 ---ha-w- c:\documents and settings\geraldine\dymvzoigtl.tmp

2011-10-07 19:04:21 -------- d-----w- C:\StarCraft II

.

==================== Find3M ====================

.

.

============= FINISH: 22:00:42.34 ===============

The attach Text is as follows:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 10/1/2007 7:46:49 PM

System Uptime: 10/16/2011 2:47:11 AM (44 hours ago)

.

Motherboard: Dell Inc. | | 0MD525

Processor: Intel® Pentium® 4 CPU 3.60GHz | Microprocessor | 3591/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 89 GiB total, 33.531 GiB free.

D: is FIXED (NTFS) - 74 GiB total, 35.72 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

I: is Removable

J: is Removable

N: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

Description: Nokia E51

Device ID: ROOT\WPD\0000

Manufacturer: Nokia

Name: Nokia E51

PNP Device ID: ROOT\WPD\0000

Service: WUDFRd

.

==== System Restore Points ===================

.

RP1530: 10/3/2011 5:32:11 PM - System Checkpoint

RP1531: 10/4/2011 7:07:29 PM - System Checkpoint

RP1532: 10/5/2011 8:56:57 PM - System Checkpoint

RP1533: 10/6/2011 9:41:25 PM - System Checkpoint

RP1534: 10/7/2011 10:17:07 PM - System Checkpoint

RP1535: 10/8/2011 11:52:51 PM - System Checkpoint

RP1536: 10/9/2011 11:54:26 PM - System Checkpoint

RP1537: 10/11/2011 12:38:14 AM - System Checkpoint

RP1538: 10/11/2011 9:56:25 AM - Avg Update

RP1539: 10/12/2011 10:30:42 AM - System Checkpoint

RP1540: 10/13/2011 10:13:26 AM - Removed Ask Toolbar.

RP1541: 10/13/2011 10:20:17 AM - Removed Zune

RP1542: 10/13/2011 10:20:42 AM - Quitado Zune Language Pack (ES)

RP1543: 10/13/2011 10:20:55 AM - Supprimé Zune Language Pack (FR)

RP1544: 10/13/2011 10:24:00 AM - Installed AVG 2012

RP1545: 10/13/2011 10:25:24 AM - Removed AVG Free 9.0

RP1546: 10/13/2011 5:44:12 PM - Installed AVG 2012

RP1547: 10/13/2011 6:10:48 PM - Removed AVG 2012

RP1548: 10/13/2011 6:11:19 PM - Removed AVG 2012

RP1549: 10/13/2011 6:18:51 PM - Installed AVG 2012

RP1550: 10/13/2011 6:26:55 PM - Installed AVG 2012

RP1551: 10/13/2011 10:39:47 PM - Restore Operation

RP1552: 10/13/2011 10:42:37 PM - Restore Operation

RP1553: 10/13/2011 10:45:38 PM - Restore Operation

RP1554: 10/13/2011 10:47:05 PM - Removed AVG 2012

RP1555: 10/13/2011 10:47:29 PM - Removed AVG 2012

RP1556: 10/14/2011 8:06:40 AM - Removed Security Update for CAPICOM (KB931906)

RP1557: 10/14/2011 8:22:41 AM - Installed AVG 2012

RP1558: 10/14/2011 8:24:49 AM - Installed AVG 2012

RP1559: 10/14/2011 8:54:59 AM - Removed AVG 2012

RP1560: 10/14/2011 8:55:23 AM - Removed AVG 2012

RP1561: 10/15/2011 12:05:10 PM - System Checkpoint

RP1562: 10/16/2011 12:26:14 PM - System Checkpoint

.

==== Installed Programs ======================

.

.

µTorrent

Adobe AIR

Adobe Community Help

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Illustrator CS5

Adobe Media Player

Adobe Photoshop CS5

Adobe Reader 9.4.3

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AT&T Yahoo! Applications

Avira Free Antivirus

Bonjour

Broadcom Gigabit Integrated Controller

BroadJump Client Foundation

Business PlanMaker

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

CDisplay 1.8

ConvertHelper 2.2

Corel Paint Shop Pro Photo X2

Creative WebCam Instant Driver (1.01.02.0729)

Critical Update for Windows Media Player 11 (KB959772)

CutePDF Writer 2.8

Dell Resource CD

DiscAPI (Studio 10)

DivX Converter

DivX Plus DirectShow Filters

DivX Version Checker

Driver Detective

DWGeditor

EVGA OC Scanner 1.5.0

GameSpy Arcade

Google Chrome

Google Earth

Google Update Helper

Google Updater

HDClone 4 Free Edition

hereUareVoIP

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Deskjet 3740

HP Software Update

i-PhoneHome

iTunes

Java Auto Updater

Java 6 Update 22

Java 6 Update 3

JD2 Tube Bend App.

Kurzweil 3000 v.11

Logitech SetPoint

magicJack

Malwarebytes' Anti-Malware version 1.51.2.1300

Mastercam X2 Demo

Medieval II Total War

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft ActiveSync

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Halo

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office 2003 Web Components

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.5

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual J# .NET Redistributable Package 1.1

Microsoft Visual Studio 2005 Tools for Applications - ENU

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Motherboard Monitor 5

Move Media Player

Mozilla Firefox 6.0.2 (x86 en-US)

MSVC80_x86

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 6 Service Pack 2 (KB973686)

Musicmatch® Jukebox

n52te Editor

NBC Direct

Netflix Movie Viewer

Nokia Connectivity Cable Driver

Nokia Map Loader

Nokia PC Suite

NVIDIA Control Panel 266.58

NVIDIA Graphics Driver 266.58

NVIDIA Install Application

NVIDIA nTune

NVIDIA nView 135.50

NVIDIA nView Desktop Manager

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

PC Connectivity Solution

PDF Settings CS5

PhotoView 360

Pinnacle device drivers

Pinnacle Instant DVD Recorder

Portal

PowerISO

QuickTime

RAPID (Studio 10)

Roxio EasyWrite Reader

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB980376)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB982135)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360131)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Shockwave

Skype™ 4.2

SolidWorks 2010 SP0

SolidWorks eDrawings 2010

SolidWorks Explorer 2010 SP0

SoundMAX

Spotify

StarCraft II

Steam

Studio 10

The Rosetta Stone

TomTom HOME 2.7.3.1894

TomTom HOME Visual Studio Merge Modules

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Outlook 2007 Junk Email Filter (kb2202131)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB976749)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.4053

Veetle TV 0.9.18

Ventrilo Client

Veoh Web Player Beta

WebFldrs XP

WinAce Archiver

Windows Driver Package - Belkin (HidUsb) HIDClass (01/11/2007 1.0)

Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)

Windows Driver Package - Nokia Modem (03/05/2008 3.7)

Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)

Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)

Windows Genuine Advantage Notifications (KB905474)

Windows Imaging Component

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Presentation Foundation

Windows XP Service Pack 3

World of Warcraft

XML Paper Specification Shared Components Pack 1.0

ZoomText 9.0

.

==== Event Viewer Messages From Past Week ========

.

10/13/2011 6:43:28 PM, error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: Access is denied.

10/13/2011 6:43:28 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service WebrootSpySweeperService with arguments "" in order to run the server: {1281A68F-9E75-418F-B3AC-D5B23DD86408}

10/13/2011 6:39:16 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

10/13/2011 6:37:54 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: Access is denied.

10/13/2011 6:36:55 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'cdrom.sys' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

10/13/2011 6:30:22 PM, error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Thanks in advance


Hi,

Please update MBAM and run a quick scan. Please post that report here.

Next:

Please download TDSSKiller.zip and extract it to a folder on your Desktop.

>>> Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

jedi
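
The report requested above can be triaged mechanically. The following Python is an added example, not part of the original post and not TDSSKiller's own code: it parses the report's line format as it appears in this thread, lists every object whose verdict is not "ok", and records whether each scan reached its "Detected object count" line. The sample log, driver names and hashes are constructed placeholders, and the function names are this example's own.

```python
import re

# Line shapes taken from the TDSSKiller report quoted in this thread:
# "<HH:MM:SS.ffff> <thread id> <message>" (the message may be empty).
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+(?:\s+(.*))?$")
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
OK = re.compile(r"^(?P<label>.+?) - ok$")
WARNING = re.compile(r"^(?P<label>.+?) \( (?P<det>[^()]+?) \) - warning$")
DETECTED = re.compile(r"^(?P<label>.+?) - detected (?P<det>\S+) \(\d+\)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def parse_report(text):
    """Split a report into scans: mode flags, per-object verdicts, reported count."""
    scans, scan, pending = [], None, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m or not m.group(1):
            continue  # blank line or timestamp-only line
        msg = m.group(1).strip()
        if msg == "Scan started":
            scan = {"mode": [], "results": [], "reported": None}
            scans.append(scan)
            pending = None
            continue
        if scan is None:
            continue  # system-info header before the first scan
        if msg.startswith("Mode:"):
            scan["mode"] = [f.strip() for f in msg[5:].split(";") if f.strip()]
            continue
        obj = OBJECT.match(msg)
        if obj:
            pending = obj.groupdict()  # name, md5, path of the object just announced
            continue
        count = COUNT.match(msg)
        if count:
            scan["reported"] = int(count.group(1))
            continue
        hit = DETECTED.match(msg) or WARNING.match(msg)
        ok = None if hit else OK.match(msg)
        if not (hit or ok):
            continue  # separators, "Scan finished", and other informational lines
        label = (hit or ok).group("label")
        verdict = hit.group("det") if hit else "ok"
        # Disk objects are announced as "MBR (0x1B8) (<hash>) <device>" but the
        # verdict line names the device, so match on either the name or the path.
        if pending and label in (pending["name"], pending["path"]):
            rec = dict(pending, verdict=verdict)
        else:
            rec = {"name": label, "md5": None, "path": None, "verdict": verdict}
        if scan["results"] and scan["results"][-1] == rec:
            continue  # the warning line and the detected line describe one object
        scan["results"].append(rec)
    return scans


def findings(scan):
    """Objects in one scan whose verdict is anything other than 'ok'."""
    return [r for r in scan["results"] if r["verdict"] != "ok"]


def reached_summary(scan):
    """False when the report stops before the scan's 'Detected object count' line."""
    return scan["reported"] is not None


# Constructed sample: two scans, as in the thread (a plain scan, then one with
# SigCheck/TDLFS). Names and hashes are placeholders, not values from a real system.
SAMPLE_LOG = r"""
10:24:23.0953 1796 Scan started
10:24:23.0953 1796 Mode: Manual;
10:24:24.0453 1796 DrvA - ok
10:24:30.0937 1796 Scan finished
10:24:30.0937 1660 Detected object count: 0
10:24:55.0531 1548 Scan started
10:24:55.0531 1548 Mode: Manual; SigCheck; TDLFS;
10:24:55.0984 1548 DrvA (00000000000000000000000000000000) C:\WINDOWS\system32\DRIVERS\drva.sys
10:24:59.0000 1548 DrvA - ok
10:24:59.0015 1548 DrvB - ok
10:24:59.0718 1548 DrvC (11111111111111111111111111111111) C:\WINDOWS\system32\drivers\drvc.sys
10:24:59.0718 1548 DrvC ( UnsignedFile.Multi.Generic ) - warning
10:24:59.0718 1548 DrvC - detected UnsignedFile.Multi.Generic (1)
10:25:00.0000 1548 MBR (0x1B8) (22222222222222222222222222222222) \Device\Harddisk0\DR0
10:25:00.0010 1548 \Device\Harddisk0\DR0 - ok
10:25:00.0020 1548 Scan finished
10:25:00.0030 1660 Detected object count: 1
"""

if __name__ == "__main__":
    for i, s in enumerate(parse_report(SAMPLE_LOG), 1):
        print(f"scan {i}: mode={s['mode']} objects={len(s['results'])} "
              f"reported={s['reported']} complete={reached_summary(s)}")
        for f in findings(s):
            print(f"  {f['name']}: {f['verdict']} md5={f['md5']} path={f['path']}")
```

An UnsignedFile.Multi.Generic entry only means the SigCheck scan found no signature for that file; it is a prompt to review the listed path, not a confirmed infection.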


Thanks, jedi! The mbam log is as follows: I'm gonna run TDSSKiller after this post.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7947

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/18/2011 9:59:45 AM

mbam-log-2011-10-18 (09-59-45).txt

Scan type: Quick scan

Objects scanned: 243586

Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Here is the Report from TDSSkiller:

10:24:02.0218 2996 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23

10:24:02.0750 2996 ============================================================

10:24:02.0750 2996 Current date / time: 2011/10/18 10:24:02.0750

10:24:02.0750 2996 SystemInfo:

10:24:02.0750 2996

10:24:02.0750 2996 OS Version: 5.1.2600 ServicePack: 3.0

10:24:02.0750 2996 Product type: Workstation

10:24:02.0750 2996 ComputerName: DINING-PC

10:24:02.0750 2996 UserName: Geraldine

10:24:02.0750 2996 Windows directory: C:\WINDOWS

10:24:02.0750 2996 System windows directory: C:\WINDOWS

10:24:02.0750 2996 Processor architecture: Intel x86

10:24:02.0750 2996 Number of processors: 2

10:24:02.0750 2996 Page size: 0x1000

10:24:02.0750 2996 Boot type: Normal boot

10:24:02.0750 2996 ============================================================

10:24:04.0187 2996 Initialize success

10:24:23.0953 1796 ============================================================

10:24:23.0953 1796 Scan started

10:24:23.0953 1796 Mode: Manual;

10:24:23.0953 1796 ============================================================

10:24:24.0453 1796 1a3d5dcb - ok

10:24:24.0484 1796 2WIREPCP (6551c1cf190df3e12c435a085987fba0) C:\WINDOWS\system32\DRIVERS\2WirePCP.sys

10:24:24.0484 1796 2WIREPCP - ok

10:24:24.0515 1796 Abiosdsk - ok

10:24:24.0531 1796 abp480n5 - ok

10:24:24.0562 1796 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

10:24:24.0562 1796 ACPI - ok

10:24:24.0593 1796 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

10:24:24.0593 1796 ACPIEC - ok

10:24:24.0609 1796 adpu160m - ok

10:24:24.0640 1796 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

10:24:24.0640 1796 aec - ok

10:24:24.0671 1796 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

10:24:24.0671 1796 AFD - ok

10:24:24.0703 1796 Aha154x - ok

10:24:24.0718 1796 Ai2sXP (470de747281cf6279ec8923f77712617) C:\WINDOWS\System32\drivers\Ai2sXP.sys

10:24:24.0718 1796 Ai2sXP - ok

10:24:24.0750 1796 aic78u2 - ok

10:24:24.0781 1796 aic78xx - ok

10:24:24.0796 1796 AliIde - ok

10:24:24.0828 1796 amsint - ok

10:24:24.0859 1796 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\Asapiw2k.sys

10:24:24.0859 1796 ASAPIW2K - ok

10:24:24.0890 1796 asc - ok

10:24:24.0906 1796 asc3350p - ok

10:24:24.0937 1796 asc3550 - ok

10:24:24.0968 1796 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

10:24:24.0968 1796 AsyncMac - ok

10:24:25.0000 1796 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

10:24:25.0000 1796 atapi - ok

10:24:25.0031 1796 Atdisk - ok

10:24:25.0046 1796 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

10:24:25.0046 1796 Atmarpc - ok

10:24:25.0078 1796 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

10:24:25.0078 1796 audstub - ok

10:24:25.0109 1796 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

10:24:25.0109 1796 avgntflt - ok

10:24:25.0140 1796 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\WINDOWS\system32\DRIVERS\avipbb.sys

10:24:25.0140 1796 avipbb - ok

10:24:25.0156 1796 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

10:24:25.0171 1796 avkmgr - ok

10:24:25.0187 1796 b57w2k (241474d01380e9ed41d4c07f4f5fd401) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

10:24:25.0187 1796 b57w2k - ok

10:24:25.0218 1796 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

10:24:25.0218 1796 Beep - ok

10:24:25.0250 1796 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

10:24:25.0250 1796 cbidf2k - ok

10:24:25.0281 1796 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

10:24:25.0281 1796 CCDECODE - ok

10:24:25.0312 1796 cd20xrnt - ok

10:24:25.0328 1796 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

10:24:25.0328 1796 Cdaudio - ok

10:24:25.0359 1796 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

10:24:25.0359 1796 Cdfs - ok

10:24:25.0390 1796 cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

10:24:25.0390 1796 cdrom - ok

10:24:25.0406 1796 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

10:24:25.0406 1796 cercsr6 - ok

10:24:25.0437 1796 Changer - ok

10:24:25.0468 1796 CmdIde - ok

10:24:25.0500 1796 Cpqarray - ok

10:24:25.0531 1796 dac2w2k - ok

10:24:25.0546 1796 dac960nt - ok

10:24:25.0578 1796 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

10:24:25.0578 1796 Disk - ok

10:24:25.0625 1796 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

10:24:25.0625 1796 dmboot - ok

10:24:25.0656 1796 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

10:24:25.0656 1796 dmio - ok

10:24:25.0687 1796 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

10:24:25.0687 1796 dmload - ok

10:24:25.0718 1796 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

10:24:25.0718 1796 DMusic - ok

10:24:25.0734 1796 dpti2o - ok

10:24:25.0765 1796 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

10:24:25.0765 1796 drmkaud - ok

10:24:25.0796 1796 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

10:24:25.0812 1796 Fastfat - ok

10:24:25.0828 1796 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

10:24:25.0828 1796 Fdc - ok

10:24:25.0859 1796 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

10:24:25.0859 1796 Fips - ok

10:24:25.0890 1796 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

10:24:25.0890 1796 Flpydisk - ok

10:24:25.0921 1796 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

10:24:25.0921 1796 FltMgr - ok

10:24:25.0953 1796 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

10:24:25.0953 1796 Fs_Rec - ok

10:24:25.0968 1796 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

10:24:25.0968 1796 Ftdisk - ok

10:24:26.0000 1796 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

10:24:26.0000 1796 GEARAspiWDM - ok

10:24:26.0031 1796 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

10:24:26.0031 1796 Gpc - ok

10:24:26.0062 1796 Hardlock (d64a40b94602158e40527ae95e7a9193) C:\WINDOWS\system32\drivers\hardlock.sys

10:24:26.0078 1796 Hardlock - ok

10:24:26.0109 1796 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

10:24:26.0109 1796 hidusb - ok

10:24:26.0125 1796 hpn - ok

10:24:26.0156 1796 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

10:24:26.0156 1796 HTTP - ok

10:24:26.0187 1796 i2omgmt - ok

10:24:26.0218 1796 i2omp - ok

10:24:26.0250 1796 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

10:24:26.0250 1796 Imapi - ok

10:24:26.0281 1796 ini910u - ok

10:24:26.0296 1796 IntelIde - ok

10:24:26.0328 1796 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

10:24:26.0328 1796 intelppm - ok

10:24:26.0359 1796 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

10:24:26.0359 1796 Ip6Fw - ok

10:24:26.0375 1796 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

10:24:26.0390 1796 IpFilterDriver - ok

10:24:26.0406 1796 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

10:24:26.0406 1796 IpInIp - ok

10:24:26.0437 1796 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

10:24:26.0437 1796 IpNat - ok

10:24:26.0468 1796 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

10:24:26.0468 1796 IPSec - ok

10:24:26.0500 1796 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

10:24:26.0500 1796 IRENUM - ok

10:24:26.0515 1796 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

10:24:26.0515 1796 isapnp - ok

10:24:26.0546 1796 JmtFltr (78cc22326e584d2c02e1ab8b38dbb00f) C:\WINDOWS\system32\Drivers\JmtFltr.sys

10:24:26.0546 1796 JmtFltr - ok

10:24:26.0578 1796 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

10:24:26.0578 1796 Kbdclass - ok

10:24:26.0609 1796 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

10:24:26.0609 1796 kbdhid - ok

10:24:26.0625 1796 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

10:24:26.0625 1796 kmixer - ok

10:24:26.0656 1796 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

10:24:26.0656 1796 KSecDD - ok

10:24:26.0687 1796 lbrtfdc - ok

10:24:26.0718 1796 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys

10:24:26.0718 1796 LHidKe - ok

10:24:26.0750 1796 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys

10:24:26.0750 1796 LMouKE - ok

10:24:26.0781 1796 lwwbkgs - ok

10:24:26.0796 1796 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys

10:24:26.0812 1796 MarvinBus - ok

10:24:26.0828 1796 mbmiodrvr (290fb01f7f51eff0960599404a09f8d6) C:\WINDOWS\system32\mbmiodrvr.sys

10:24:26.0828 1796 mbmiodrvr - ok

10:24:26.0859 1796 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

10:24:26.0859 1796 mnmdd - ok

10:24:26.0890 1796 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

10:24:26.0890 1796 Modem - ok

10:24:26.0921 1796 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys

10:24:26.0921 1796 motmodem - ok

10:24:26.0937 1796 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

10:24:26.0953 1796 Mouclass - ok

10:24:26.0968 1796 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

10:24:26.0968 1796 mouhid - ok

10:24:27.0000 1796 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

10:24:27.0000 1796 MountMgr - ok

10:24:27.0015 1796 mraid35x - ok

10:24:27.0031 1796 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

10:24:27.0031 1796 MREMP50 - ok

10:24:27.0031 1796 MREMP50a64 - ok

10:24:27.0046 1796 MREMPR5 - ok

10:24:27.0046 1796 MRENDIS5 - ok

10:24:27.0046 1796 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

10:24:27.0062 1796 MRESP50 - ok

10:24:27.0062 1796 MRESP50a64 - ok

10:24:27.0093 1796 MrFilter (ae3c9fe5449eff5522d5688a1da5d08d) C:\WINDOWS\system32\drivers\MrFilter.sys

10:24:27.0093 1796 MrFilter - ok

10:24:27.0109 1796 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

10:24:27.0109 1796 MRxDAV - ok

10:24:27.0140 1796 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

10:24:27.0156 1796 MRxSmb - ok

10:24:27.0187 1796 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

10:24:27.0187 1796 Msfs - ok

10:24:27.0203 1796 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

10:24:27.0203 1796 MSKSSRV - ok

10:24:27.0234 1796 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

10:24:27.0234 1796 MSPCLOCK - ok

10:24:27.0265 1796 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

10:24:27.0265 1796 MSPQM - ok

10:24:27.0281 1796 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

10:24:27.0281 1796 mssmbios - ok

10:24:27.0312 1796 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

10:24:27.0312 1796 MSTEE - ok

10:24:27.0343 1796 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

10:24:27.0343 1796 Mup - ok

10:24:27.0375 1796 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

10:24:27.0375 1796 NABTSFEC - ok

10:24:27.0406 1796 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

10:24:27.0406 1796 NDIS - ok

10:24:27.0421 1796 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

10:24:27.0437 1796 NdisIP - ok

10:24:27.0453 1796 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

10:24:27.0453 1796 NdisTapi - ok

10:24:27.0484 1796 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

10:24:27.0484 1796 Ndisuio - ok

10:24:27.0500 1796 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

10:24:27.0515 1796 NdisWan - ok

10:24:27.0531 1796 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

10:24:27.0531 1796 NDProxy - ok

10:24:27.0562 1796 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

10:24:27.0562 1796 NetBIOS - ok

10:24:27.0593 1796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

10:24:27.0593 1796 NetBT - ok

10:24:27.0625 1796 NetworkX (32d13224ec94423c9fa35c21b0de03f0) C:\WINDOWS\system32\ckldrv.sys

10:24:27.0625 1796 NetworkX - ok

10:24:27.0656 1796 nmwcd (65ac8baa2f916ee9203ee48d7fcee605) C:\WINDOWS\system32\drivers\ccdcmb.sys

10:24:27.0656 1796 nmwcd - ok

10:24:27.0687 1796 nmwcdc (29af182734a247240d89a0fe63dbef03) C:\WINDOWS\system32\drivers\ccdcmbo.sys

10:24:27.0687 1796 nmwcdc - ok

10:24:27.0703 1796 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

10:24:27.0703 1796 Npfs - ok

10:24:27.0734 1796 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

10:24:27.0750 1796 Ntfs - ok

10:24:27.0781 1796 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

10:24:27.0781 1796 Null - ok

10:24:27.0921 1796 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

10:24:28.0015 1796 nv - ok

10:24:28.0031 1796 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys

10:24:28.0031 1796 NVR0Dev - ok

10:24:28.0062 1796 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

10:24:28.0062 1796 NwlnkFlt - ok

10:24:28.0093 1796 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

10:24:28.0093 1796 NwlnkFwd - ok

10:24:28.0125 1796 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

10:24:28.0125 1796 Parport - ok

10:24:28.0156 1796 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

10:24:28.0156 1796 PartMgr - ok

10:24:28.0171 1796 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

10:24:28.0171 1796 ParVdm - ok

10:24:28.0203 1796 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

10:24:28.0203 1796 pccsmcfd - ok

10:24:28.0234 1796 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

10:24:28.0234 1796 PCI - ok

10:24:28.0265 1796 PCIDump - ok

10:24:28.0281 1796 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

10:24:28.0281 1796 PCIIde - ok

10:24:28.0312 1796 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys

10:24:28.0312 1796 PCLEPCI - ok

10:24:28.0343 1796 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

10:24:28.0343 1796 Pcmcia - ok

10:24:28.0359 1796 PD0620VID (4431f2fa27f56f4bc654b0af5810cc91) C:\WINDOWS\system32\DRIVERS\P0620Vid.sys

10:24:28.0375 1796 PD0620VID - ok

10:24:28.0390 1796 PDCOMP - ok

10:24:28.0421 1796 PDFRAME - ok

10:24:28.0437 1796 PDRELI - ok

10:24:28.0468 1796 PDRFRAME - ok

10:24:28.0500 1796 perc2 - ok

10:24:28.0515 1796 perc2hib - ok

10:24:28.0562 1796 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

10:24:28.0562 1796 PptpMiniport - ok

10:24:28.0593 1796 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

10:24:28.0593 1796 PSched - ok

10:24:28.0609 1796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

10:24:28.0625 1796 Ptilink - ok

10:24:28.0640 1796 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

10:24:28.0640 1796 PxHelp20 - ok

10:24:28.0671 1796 ql1080 - ok

10:24:28.0687 1796 Ql10wnt - ok

10:24:28.0718 1796 ql12160 - ok

10:24:28.0750 1796 ql1240 - ok

10:24:28.0765 1796 ql1280 - ok

10:24:28.0796 1796 QV2KUX (0087f01d35a65b32393cc8bba46ee4a6) C:\WINDOWS\system32\DRIVERS\qv2kux.sys

10:24:28.0796 1796 QV2KUX - ok

10:24:28.0828 1796 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

10:24:28.0828 1796 RasAcd - ok

10:24:28.0859 1796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

10:24:28.0859 1796 Rasl2tp - ok

10:24:28.0875 1796 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

10:24:28.0890 1796 RasPppoe - ok

10:24:28.0906 1796 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

10:24:28.0906 1796 Raspti - ok

10:24:28.0937 1796 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

10:24:28.0937 1796 Rdbss - ok

10:24:28.0968 1796 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

10:24:28.0968 1796 RDPCDD - ok

10:24:29.0000 1796 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

10:24:29.0000 1796 rdpdr - ok

10:24:29.0031 1796 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

10:24:29.0031 1796 RDPWD - ok

10:24:29.0062 1796 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

10:24:29.0062 1796 redbook - ok

10:24:29.0093 1796 SCDEmu (612a3d69e603dbbe5c3c1079186a0393) C:\WINDOWS\system32\drivers\SCDEmu.sys

10:24:29.0093 1796 SCDEmu - ok

10:24:29.0125 1796 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:24:29.0125 1796 Secdrv - ok

10:24:29.0171 1796 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys

10:24:29.0171 1796 senfilt - ok

10:24:29.0203 1796 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

10:24:29.0203 1796 serenum - ok

10:24:29.0234 1796 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

10:24:29.0234 1796 Serial - ok

10:24:29.0265 1796 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:24:29.0265 1796 Sfloppy - ok

10:24:29.0296 1796 Simbad - ok

10:24:29.0328 1796 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

10:24:29.0328 1796 SLIP - ok

10:24:29.0359 1796 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys

10:24:29.0359 1796 smwdm - ok

10:24:29.0375 1796 Sparrow - ok

10:24:29.0406 1796 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:24:29.0406 1796 splitter - ok

10:24:29.0437 1796 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

10:24:29.0437 1796 sr - ok

10:24:29.0468 1796 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

10:24:29.0484 1796 Srv - ok

10:24:29.0500 1796 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys

10:24:29.0500 1796 SSKBFD - ok

10:24:29.0531 1796 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

10:24:29.0531 1796 ssmdrv - ok

10:24:29.0562 1796 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

10:24:29.0562 1796 StillCam - ok

10:24:29.0593 1796 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

10:24:29.0593 1796 streamip - ok

10:24:29.0609 1796 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:24:29.0609 1796 swenum - ok

10:24:29.0640 1796 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:24:29.0640 1796 swmidi - ok

10:24:29.0671 1796 symc810 - ok

10:24:29.0703 1796 symc8xx - ok

10:24:29.0718 1796 sym_hi - ok

10:24:29.0750 1796 sym_u3 - ok

10:24:29.0781 1796 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:24:29.0781 1796 sysaudio - ok

10:24:29.0812 1796 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:24:29.0812 1796 Tcpip - ok

10:24:29.0843 1796 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:24:29.0843 1796 TDPIPE - ok

10:24:29.0875 1796 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:24:29.0875 1796 TDTCP - ok

10:24:29.0890 1796 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:24:29.0890 1796 TermDD - ok

10:24:29.0937 1796 TosIde - ok

10:24:29.0968 1796 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:24:29.0968 1796 Udfs - ok

10:24:29.0984 1796 ultra - ok

10:24:30.0015 1796 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:24:30.0031 1796 Update - ok

10:24:30.0046 1796 upperdev (2522747ba661514e3770e508cce45b64) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

10:24:30.0046 1796 upperdev - ok

10:24:30.0078 1796 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys

10:24:30.0078 1796 USBAAPL - ok

10:24:30.0109 1796 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

10:24:30.0109 1796 usbaudio - ok

10:24:30.0140 1796 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:24:30.0140 1796 usbccgp - ok

10:24:30.0171 1796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:24:30.0171 1796 usbehci - ok

10:24:30.0187 1796 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:24:30.0187 1796 usbhub - ok

10:24:30.0218 1796 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:24:30.0218 1796 usbprint - ok

10:24:30.0250 1796 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:24:30.0250 1796 usbscan - ok

10:24:30.0281 1796 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys

10:24:30.0281 1796 usbser - ok

10:24:30.0296 1796 UsbserFilt (8aa5f86a6c3b3234beed9556d145bfac) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

10:24:30.0296 1796 UsbserFilt - ok

10:24:30.0328 1796 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:24:30.0328 1796 USBSTOR - ok

10:24:30.0359 1796 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

10:24:30.0359 1796 usbuhci - ok

10:24:30.0375 1796 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

10:24:30.0375 1796 usb_rndisx - ok

10:24:30.0406 1796 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:24:30.0406 1796 VgaSave - ok

10:24:30.0437 1796 vhidmini (dffab3374f554977c4bb1b575a7b6502) C:\WINDOWS\system32\DRIVERS\vhidmini.sys

10:24:30.0437 1796 vhidmini - ok

10:24:30.0468 1796 ViaIde - ok

10:24:30.0484 1796 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

10:24:30.0484 1796 VolSnap - ok

10:24:30.0515 1796 vrdvqt - ok

10:24:30.0546 1796 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:24:30.0546 1796 Wanarp - ok

10:24:30.0578 1796 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

10:24:30.0593 1796 Wdf01000 - ok

10:24:30.0609 1796 WDICA - ok

10:24:30.0640 1796 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:24:30.0640 1796 wdmaud - ok

10:24:30.0687 1796 WISTechVIDCAP (797454446c66ecdca790677f223d1e20) C:\WINDOWS\system32\drivers\wisgostrm.sys

10:24:30.0687 1796 WISTechVIDCAP - ok

10:24:30.0718 1796 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

10:24:30.0718 1796 WpdUsb - ok

10:24:30.0750 1796 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

10:24:30.0750 1796 WSTCODEC - ok

10:24:30.0781 1796 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

10:24:30.0781 1796 WudfPf - ok

10:24:30.0812 1796 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

10:24:30.0812 1796 WudfRd - ok

10:24:30.0843 1796 zumbus (21a96535dd0a118d5663e5adc5c90f9e) C:\WINDOWS\system32\DRIVERS\zumbus.sys

10:24:30.0843 1796 zumbus - ok

10:24:30.0859 1796 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

10:24:30.0921 1796 \Device\Harddisk0\DR0 - ok

10:24:30.0921 1796 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

10:24:30.0921 1796 \Device\Harddisk1\DR1 - ok

10:24:30.0921 1796 Boot (0x1200) (4b2ef833625393d80776e7cddc63f725) \Device\Harddisk0\DR0\Partition0

10:24:30.0921 1796 \Device\Harddisk0\DR0\Partition0 - ok

10:24:30.0937 1796 Boot (0x1200) (60e7be93ee554562e8bd2b8f9f2845ca) \Device\Harddisk1\DR1\Partition0

10:24:30.0937 1796 \Device\Harddisk1\DR1\Partition0 - ok

10:24:30.0937 1796 ============================================================

10:24:30.0937 1796 Scan finished

10:24:30.0937 1796 ============================================================

10:24:30.0937 1660 Detected object count: 0

10:24:30.0937 1660 Actual detected object count: 0

10:24:55.0531 1548 ============================================================

10:24:55.0531 1548 Scan started

10:24:55.0531 1548 Mode: Manual; SigCheck; TDLFS;

10:24:55.0531 1548 ============================================================

10:24:55.0968 1548 1a3d5dcb - ok

10:24:55.0984 1548 2WIREPCP (6551c1cf190df3e12c435a085987fba0) C:\WINDOWS\system32\DRIVERS\2WirePCP.sys

10:24:59.0000 1548 2WIREPCP - ok

10:24:59.0015 1548 Abiosdsk - ok

10:24:59.0046 1548 abp480n5 - ok

10:24:59.0078 1548 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

10:24:59.0312 1548 ACPI - ok

10:24:59.0343 1548 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

10:24:59.0453 1548 ACPIEC - ok

10:24:59.0484 1548 adpu160m - ok

10:24:59.0500 1548 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

10:24:59.0625 1548 aec - ok

10:24:59.0640 1548 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

10:24:59.0671 1548 AFD - ok

10:24:59.0687 1548 Aha154x - ok

10:24:59.0718 1548 Ai2sXP (470de747281cf6279ec8923f77712617) C:\WINDOWS\System32\drivers\Ai2sXP.sys

10:24:59.0718 1548 Ai2sXP ( UnsignedFile.Multi.Generic ) - warning

10:24:59.0718 1548 Ai2sXP - detected UnsignedFile.Multi.Generic (1)

10:24:59.0750 1548 aic78u2 - ok

10:24:59.0765 1548 aic78xx - ok

10:24:59.0796 1548 AliIde - ok

10:24:59.0828 1548 amsint - ok



By the way, what are you looking for? Avira found another 2 viruses about 20 minutes ago.


Hi again,

By the way, what are you looking for?

I'm looking for the cause of the redirects. :)

Everything runs well for a while and then after an hour the virus pops up again.

Can you be more specific? Please describe exactly what is happening.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

cfRC_screen_2.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

jedi


Hey Jedi,

While combofix was running, it found a rootkit. I think it was zeroaccess. something. Anyway combofix said it would go ahead and take care of the problem. Here's the log:

ComboFix 11-10-18.04 - Geraldine 10/18/2011 13:59:16.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1560 [GMT -7:00]

Running from: c:\documents and settings\Geraldine\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}


c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\install.rdf

c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}

c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome.manifest

c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome\xulcache.jar

c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\defaults\preferences\xulcache.js

c:\documents and settings\Jun\Application Data\Mozilla\Firefox\Profiles\770wt78n.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\install.rdf

c:\documents and settings\Jun\My Documents\~WRL0001.tmp

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\chrome.manifest

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\chrome\xulcache.jar

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\defaults\preferences\xulcache.js

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{ba54aa5f-7671-4cb4-a4dc-f9c8a8bd36ca}\install.rdf

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\chrome.manifest

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\chrome\xulcache.jar

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\defaults\preferences\xulcache.js

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{d6c87722-9f9b-41fb-974a-e0a020d22f96}\install.rdf

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome.manifest

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\chrome\xulcache.jar

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\defaults\preferences\xulcache.js

c:\documents and settings\Migi\Application Data\Mozilla\Firefox\Profiles\zm733qnw.default\extensions\{df0d92ce-127c-4a68-80c1-5207b04b06d3}\install.rdf

c:\windows\$NtUninstallKB47113$

c:\windows\$NtUninstallKB47113$\1822774291

c:\windows\$NtUninstallKB47113$\440229323\@

c:\windows\$NtUninstallKB47113$\440229323\bckfg.tmp

c:\windows\$NtUninstallKB47113$\440229323\cfg.ini

c:\windows\$NtUninstallKB47113$\440229323\Desktop.ini

c:\windows\$NtUninstallKB47113$\440229323\keywords

c:\windows\$NtUninstallKB47113$\440229323\kwrd.dll

c:\windows\$NtUninstallKB47113$\440229323\L\mroazbgx

c:\windows\$NtUninstallKB47113$\440229323\lsflt7.ver

c:\windows\$NtUninstallKB47113$\440229323\U\00000001.@

c:\windows\$NtUninstallKB47113$\440229323\U\00000002.@

c:\windows\$NtUninstallKB47113$\440229323\U\80000000.@

c:\windows\$NtUninstallKB47113$\440229323\U\80000032.@

c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf

c:\windows\jestertb.dll

c:\windows\system32\CddbCdda.dll

c:\windows\system32\d3d9caps.dat

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_1a3d5dcb

.

.

((((((((((((((((((((((((( Files Created from 2011-09-18 to 2011-10-18 )))))))))))))))))))))))))))))))

.

.

2011-10-16 15:22 . 2011-10-16 15:22 -------- d-----w- c:\documents and settings\Migi\Application Data\Avira

2011-10-14 17:40 . 2011-10-14 17:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-14 17:40 . 2011-09-01 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\documents and settings\Geraldine\Application Data\Avira

2011-10-14 15:56 . 2011-09-18 15:39 134344 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-10-14 15:56 . 2011-09-16 06:55 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2011-10-14 15:56 . 2011-09-16 06:55 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\program files\Avira

2011-10-14 15:56 . 2011-10-14 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2011-10-14 15:41 . 2011-10-14 15:41 -------- d-----w- c:\documents and settings\Geraldine\Application Data\Malwarebytes

2011-10-14 15:41 . 2011-10-14 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-10-14 05:44 . 2011-10-14 05:44 -------- d-----w- c:\documents and settings\Geraldine\Application Data\AVG2012

2011-10-14 00:44 . 2011-10-14 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012

2011-10-13 17:18 . 2011-10-13 17:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp

2011-10-07 19:04 . 2011-10-07 19:10 -------- d-----w- C:\StarCraft II

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-07 22:52 . 2011-03-25 01:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Yahoo! Pager"="1" [X]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-05 81920]

"cdloader"="c:\documents and settings\Geraldine\Application Data\mjusbsp\cdloader2.exe" [2011-08-23 50592]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2005-07-23 172032]

"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-07-23 49152]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]

"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"Jomantha"="c:\program files\n52te\n52teHid.exe" [2008-06-13 159744]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-09-23 258512]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzc5MzQ3MzAwLUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1YTzM2KzEtRjlNN0MrNS1GOU0xMEIrMi1YTzkrMS1GOU0yKzEtRERUKzQyOTQ5MzAyMzEtREQ5MEYrMS1TVDkwRkFQUCsxLUY5ME0xMkFUKzEtRjkwTTEyQSsxLUY5ME0xMkFCKzEtVTk1KzEtRjkwTTEyQVRCKzEtU1QxMkZPSSsxLVNUMTJGQVBQKzEtU1RGOTBNMTJBVUYrMQ&prod=90&ver=2012.0.1831&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a" [?]

.

c:\documents and settings\Geraldine\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]

2002-09-11 04:26 368706 ----a-w- c:\program files\BroadJump\Client Foundation\CFD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-01-25 23:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

2005-05-20 21:46 28160 ----a-w- c:\windows\KHALMNPR.Exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-05-13 23:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=

"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=

"d:\\Program Files\\Steam\\steamapps\\chucez\\team fortress classic\\hl.exe"=

"d:\\Program Files\\Steam\\steamapps\\chucez\\half-life\\hl.exe"=

"d:\\Program Files\\Steam\\steamapps\\chucez\\counter-strike\\hl.exe"=

"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"d:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=

"c:\\Program Files\\hereUareVoIP\\hereUareVoIP\\MyPhone.exe"=

"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=

"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=

"c:\\Program Files\\i-PhoneHome\\i-PhoneHome\\MyPhone.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Spotify\\spotify.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\StarCraft II\\Versions\\Base19679\\SC2.exe"=

"c:\\Documents and Settings\\Geraldine\\Application Data\\mjusbsp\\magicJack.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

"6112:TCP"= 6112:TCP:Battle.net wc3

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

.

R0 MrFilter;EasyWrite Driver;c:\windows\system32\drivers\MRFilter.sys [10/2/2007 1:38 PM 14592]

R1 Ai2sXP;Ai2sXP;c:\windows\system32\drivers\Ai2sXP.sys [10/1/2007 7:56 PM 7296]

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10/14/2011 8:56 AM 36000]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/14/2011 8:56 AM 86224]

R2 TomTomHOMEService;TomTomHOMEService;c:\tomtom home 2\TomTomHOMEService.exe [11/13/2009 4:31 AM 92008]

S0 lwwbkgs;lwwbkgs;c:\windows\system32\drivers\wvohewe.sys --> c:\windows\system32\drivers\wvohewe.sys [?]

S0 vrdvqt;vrdvqt;c:\windows\system32\drivers\mtxok.sys --> c:\windows\system32\drivers\mtxok.sys [?]

S2 gupdate1c9aa87a7727d98;Google Update Service (gupdate1c9aa87a7727d98);c:\program files\Google\Update\GoogleUpdate.exe [3/21/2009 5:46 PM 133104]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;"l:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe" --> l:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/21/2009 5:46 PM 133104]

S3 JmtFltr;n52te;c:\windows\system32\drivers\JmtFltr.sys [5/1/2011 2:59 PM 48896]

S3 LiveTurbineMessageService;Turbine Message Service - Live;"l:\program files\Turbine\Turbine Download Manager\TurbineMessageService.exe" --> l:\program files\Turbine\Turbine Download Manager\TurbineMessageService.exe [?]

S3 LiveTurbineNetworkService;Turbine Network Service - Live;"l:\program files\Turbine\Turbine Download Manager\TurbineNetworkService.exe" --> l:\program files\Turbine\Turbine Download Manager\TurbineNetworkService.exe [?]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]

S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 8:01 AM 2799808]

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-17 c:\windows\Tasks\AdobeAAMUpdater-1.0-DINING-PC-Jun.job

- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-19 10:44]

.

2011-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

.

2011-10-18 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 20:38]

.

2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 00:46]

.

2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 00:46]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://ftaforall.net/forums

mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

uInternet Settings,ProxyOverride = *.local

IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: motive.com\patttbc.att

TCP: DhcpNameServer = 192.168.1.1

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://fnse.homedns.org/RtspVaPgDec.cab

FF - ProfilePath - c:\documents and settings\Geraldine\Application Data\Mozilla\Firefox\Profiles\rm40auqb.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Beeb9112c-4de0-4b18-ad3f-79bc14e4cd01%7D&mid=43e520fb676b56ebd52f83f31b2a03f5-d73da1d84c5ae80949d87611c24efccb76c1b24a&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-10-14%2008%3A25%3A07&sap=ku&q=

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{01C4A12C-6D67-45E5-A9B1-8ADD7A652DBd} - c:\documents and settings\Geraldine\Local Settings\Application Data\TrayPTR.dll

HKCU-Run-AdobeBridge - (no file)

HKCU-Run-MouseNotifierUpdate - (no file)

HKLM-Run-ATT-SST_McciTrayApp - c:\program files\ATT-SST\McciTrayApp.exe

Notify-NavLogon - (no file)

MSConfigStartUp-PCLEUSBTip - c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

MSConfigStartUp-YBrowser - c:\progra~1\Yahoo!\browser\ybrwicon.exe

MSConfigStartUp-Zune Launcher - c:\program files\Zune\ZuneLauncher.exe

AddRemove-Halo - d:\program files\Microsoft Games\Halo\UNINSTAL.EXE

AddRemove-SBC Self Support Tool - c:\docume~1\GERALD~1\LOCALS~1\Temp\SST\CustomUninstall.exe

AddRemove-Steam App 400 - l:\program files\Steam\steam.exe

AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-10-18 14:10

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(552)

c:\windows\system32\ieframe.dll

c:\windows\system32\OneX.DLL

c:\windows\system32\eappprxy.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll

c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng-us.nlr

c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\crypserv.exe

c:\windows\system32\RUNDLL32.EXE

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\progra~1\MI3AA1~1\rapimgr.exe

c:\program files\NVIDIA Corporation\nTune\nTuneService.exe

c:\windows\system32\PSIService.exe

c:\program files\HP\hpcoretech\comp\hptskmgr.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2011-10-18 14:16:37 - machine was rebooted

ComboFix-quarantined-files.txt 2011-10-18 21:16

.

Pre-Run: 35,702,226,944 bytes free

Post-Run: 38,519,365,632 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 6C3FC1A47BB2D75F10BF35866C69D9DF


Well, it seems like everything is ok. I think the rootkit was erased. I looked through the logs and it looks as though there's nothing left. Unfortunately my eye is untrained. If you see anything, let me know. Thanks so much for your help, Jedi!


Hi again,

While combofix was running, it found a rootkit. I think it was zeroaccess.

ZeroAccess is a common redirect infection at the moment, and it does look like Combofix has taken care of it. I do suggest you run an on-line scan to pick up any potential left-overs:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

jedi :)


Well it looks like ESET found more virii. Here's the log:

Thanks!

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=68e853c5baf8cc469234776a1f76fef3

# end=stopped

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-10-19 07:55:59

# local_time=2011-10-19 12:55:59 (-0800, Pacific Daylight Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1024 16777215 100 0 436894 436894 0 0

# compatibility_mode=1792 16777175 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=66510

# found=7

# cleaned=7

# scan_time=4224

C:\Documents and Settings\All Users\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\10\2f84494a-4ef2d65f Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\15\51660c8f-66f5131f Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Geraldine\Application Data\Sun\Java\Deployment\cache\6.0\45\d81016d-34a5ed6c Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Geraldine\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\Jun\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\eobnagenicipcmhlfhpcnineicdndmoj\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


Hi again,

I don't see any evidence there are any active infections remaining, but I suggest you update your definitions for MBAM and Avira and run a full scan with each, just to be safe.

When you have done so please let me know how your PC is running. If there are any remaining issues please describe them.

Also:

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

jedi


Here's the check up:

So far so good. :D Thanks, Jedi!

Results of screen317's Security Check version 0.99.24

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

Avira Free Antivirus

ESET Online Scanner v3

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 22

Java 6 Update 3

Out of date Java installed!

Adobe Flash Player ( 10.3.181.14) Flash Player Out of Date!

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

``````````End of Log````````````


Hi again,

You're welcome. The Security Check results are fairly self-explanatory; you need to keep peripheral software updated, as it's an infection vector for Malware.

JavaRa will deal with the out-of-date Java:

Please download JavaRa and unzip it to your Desktop.

http://raproducts.org/wordpress/software

Double click JavaRa.exe then click Remove Older Versions.

Follow any prompts.

Next, select Search For Updates.

Select Update Using Sun Java's Website --> Search, and continue the instructions for downloading and installing the latest Java version.

Flash Player can be updated here:

http://get.adobe.com/flashplayer/

I recommend Secunia for keeping software up-to-date, either with a regular scan with Secunia OSI or by installing Secunia PSI. It takes all the effort out of keeping everything updated.

It looks like you're clear of Malware. I'm glad we were able to help. :)

jedi


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
